diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 000000000..e4c819d25 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,33 @@ +name: Go +on: [push] +jobs: + + build: + name: Build + runs-on: ubuntu-latest + steps: + - name: Set up Go + uses: actions/setup-go@v2 + with: + stable: 'true' + go-version: 1.13 + id: go + + - name: Check out code into the Go module directory + uses: actions/checkout@v2 + + - name: Lint + run: | + echo "golang lint, suggest to use golangci-lint" + + - name: Build + run: | + echo "start to build and test bfe" + go version + make + echo "finish" + + - name: coverage + run: | + make coverage + bash <(curl -s https://codecov.io/bash) diff --git a/.goreleaser.yml b/.goreleaser.yml index 638223b71..afebfb7e9 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -3,14 +3,18 @@ project_name: bfe builds: - binary: bfe main: ./bfe.go - ldflags: - - -X main.version={{.Version}} goos: - linux - darwin - windows goarch: - amd64 + - arm64 + ignore: + - goos: windows + goarch: arm64 + - goos: darwin + goarch: arm64 changelog: skip: true diff --git a/CHANGELOG.md b/CHANGELOG.md index 8f25bc62a..578486607 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,34 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + +## [v0.11.0] - 2020-07-24 + +### Added +- Add mod_cors to enable cross-origin resource sharing +- Add mod_secure_link to check authenticity and limit lifetime of links +- Support PROXY protocol for TCP connections to backend +- Support checking revocation status of the client certificate +- mod_auth_request: send request with X-Forwarded-Method/X-Forwarded-Uri headers +- mod_userid: support global rules +- mod_key_log: support conditional logging +- Add arm64 support for goreleaser + +### Changed +- Create listeners in the final initialization step +- Change package name to 'github.com/bfenetworks/bfe' + +### Removed +- Drops words like blacklist from programming to make vocabulary more inclusive +- Remove legacy signature of response + +### Fixed +- Fix getTransport() and modify transports map with write lock + +### Security +- Fix textproto: not normalize headers with spaces before the colon (CVE-2019-16276) + + ## [v0.10.0] - 2020-05-25 ### Added - mod_auth_request: authorize clients based on thirdparty authorization service @@ -163,13 +191,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Flexible plugin framework to extend functionality. Based on the framework, developer can add new features rapidly - Detailed built-in metrics available for service status monitor -[v0.10.0]: https://github.com/baidu/bfe/compare/v0.9.0...v0.10.0 -[v0.9.0]: https://github.com/baidu/bfe/compare/v0.8.0...v0.9.0 -[v0.8.0]: https://github.com/baidu/bfe/compare/v0.7.0...v0.8.0 -[v0.7.0]: https://github.com/baidu/bfe/compare/v0.6.0...v0.7.0 -[v0.6.0]: https://github.com/baidu/bfe/compare/v0.5.0...v0.6.0 -[v0.5.0]: https://github.com/baidu/bfe/compare/v0.4.0...v0.5.0 -[v0.4.0]: https://github.com/baidu/bfe/compare/v0.3.0...v0.4.0 -[v0.3.0]: https://github.com/baidu/bfe/compare/v0.2.0...v0.3.0 -[v0.2.0]: https://github.com/baidu/bfe/compare/v0.1.0...v0.2.0 -[v0.1.0]: https://github.com/baidu/bfe/releases/tag/v0.1.0 +[v0.11.0]: https://github.com/bfenetworks/bfe/compare/v0.10.0...v0.11.0 +[v0.10.0]: https://github.com/bfenetworks/bfe/compare/v0.9.0...v0.10.0 +[v0.9.0]: https://github.com/bfenetworks/bfe/compare/v0.8.0...v0.9.0 +[v0.8.0]: https://github.com/bfenetworks/bfe/compare/v0.7.0...v0.8.0 +[v0.7.0]: https://github.com/bfenetworks/bfe/compare/v0.6.0...v0.7.0 +[v0.6.0]: https://github.com/bfenetworks/bfe/compare/v0.5.0...v0.6.0 +[v0.5.0]: https://github.com/bfenetworks/bfe/compare/v0.4.0...v0.5.0 +[v0.4.0]: https://github.com/bfenetworks/bfe/compare/v0.3.0...v0.4.0 +[v0.3.0]: https://github.com/bfenetworks/bfe/compare/v0.2.0...v0.3.0 +[v0.2.0]: https://github.com/bfenetworks/bfe/compare/v0.1.0...v0.2.0 +[v0.1.0]: https://github.com/bfenetworks/bfe/releases/tag/v0.1.0 diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index 12d0c8587..91b8bb7d0 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -1,76 +1,3 @@ -# Contributor Covenant Code of Conduct +# BFE Community Code of Conduct -## Our Pledge - -In the interest of fostering an open and welcoming environment, we as -contributors and maintainers pledge to making participation in our project and -our community a harassment-free experience for everyone, regardless of age, body -size, disability, ethnicity, sex characteristics, gender identity and expression, -level of experience, education, socio-economic status, nationality, personal -appearance, race, religion, or sexual identity and orientation. - -## Our Standards - -Examples of behavior that contributes to creating a positive environment -include: - -* Using welcoming and inclusive language -* Being respectful of differing viewpoints and experiences -* Gracefully accepting constructive criticism -* Focusing on what is best for the community -* Showing empathy towards other community members - -Examples of unacceptable behavior by participants include: - -* The use of sexualized language or imagery and unwelcome sexual attention or - advances -* Trolling, insulting/derogatory comments, and personal or political attacks -* Public or private harassment -* Publishing others' private information, such as a physical or electronic - address, without explicit permission -* Other conduct which could reasonably be considered inappropriate in a - professional setting - -## Our Responsibilities - -Project maintainers are responsible for clarifying the standards of acceptable -behavior and are expected to take appropriate and fair corrective action in -response to any instances of unacceptable behavior. - -Project maintainers have the right and responsibility to remove, edit, or -reject comments, commits, code, wiki edits, issues, and other contributions -that are not aligned to this Code of Conduct, or to ban temporarily or -permanently any contributor for other behaviors that they deem inappropriate, -threatening, offensive, or harmful. - -## Scope - -This Code of Conduct applies both within project spaces and in public spaces -when an individual is representing the project or its community. Examples of -representing a project or community include using an official project e-mail -address, posting via an official social media account, or acting as an appointed -representative at an online or offline event. Representation of a project may be -further defined and clarified by project maintainers. - -## Enforcement - -Instances of abusive, harassing, or otherwise unacceptable behavior may be -reported by contacting the project team at bfe-osc@baidu.com. All -complaints will be reviewed and investigated and will result in a response that -is deemed necessary and appropriate to the circumstances. The project team is -obligated to maintain confidentiality with regard to the reporter of an incident. -Further details of specific enforcement policies may be posted separately. - -Project maintainers who do not follow or enforce the Code of Conduct in good -faith may face temporary or permanent repercussions as determined by other -members of the project's leadership. - -## Attribution - -This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, -available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html - -[homepage]: https://www.contributor-covenant.org - -For answers to common questions about this code of conduct, see -https://www.contributor-covenant.org/faq +BFE follows the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/master/code-of-conduct.md). diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 1aaad7c8e..aebce939f 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,7 +1,7 @@ # Contribute Code You are welcome to contribute to project BFE. To contribute to BFE, you have to agree with the -[Contributor License Agreement](https://cla-assistant.io/baidu/bfe). +[Contributor License Agreement](https://cla-assistant.io/bfenetworks/bfe). We sincerely appreciate your contribution. This document explains our workflow and work style. @@ -62,7 +62,7 @@ BFE uses this [Git branching model](http://nvie.com/posts/a-successful-git-branc An experienced Git user pulls from the official repo often -- daily or even hourly, so they notice conflicts with others work early, and it's easier to resolve smaller conflicts. ```bash - git remote add upstream https://github.com/baidu/bfe + git remote add upstream https://github.com/bfenetworks/bfe git pull upstream develop ``` @@ -74,7 +74,7 @@ BFE uses this [Git branching model](http://nvie.com/posts/a-successful-git-branc git push origin my-cool-stuff ``` - The push allows you to create a pull request, requesting owners of this [official repo](https://github.com/baidu/bfe) to pull your change into the official one. + The push allows you to create a pull request, requesting owners of this [official repo](https://github.com/bfenetworks/bfe) to pull your change into the official one. To create a pull request, please follow [these steps](https://help.github.com/articles/creating-a-pull-request/). diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index bf13cc637..c334b081e 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -3,9 +3,16 @@ | Name | Github Account | | ---- | -------------- | +| Aifang Xu | flyanna | | Caiyuan Yang | jansci621 | +| Chao Wang | Corey-Wang | +| Chengjin Wu | ChengjinWu | | Chongmiao Liu | lcmmhcc | +| Daniel Sutton | ducksecops | +| Dechuang Gu | hellogdc | | Derek Zheng | shanhuhai5739 | +| Di Zhao | zd0106 | +| Hao Dong | anotherwriter | | Haobin zhang | zhanghaobin | | Jie Liu | freeHackOfJeff | | Jie Wan | wanjiecs | @@ -14,8 +21,10 @@ | Kaiyu Zheng | kaiyuzheng | | Lihua Chen | clh651188968 | | Limei Xiao | limeix | +| Lei Zhang | deancn | | Lu Guo | guolu60 | | Lujie Zheng | ilujiez | +| Mian Wang | iwangmian | | Miao Zhang | mileszhang2016 | | Min Dai | daimg | | Ming Lin | zhugelianglongming | @@ -23,10 +32,13 @@ | Pengwei Tian | Tovi163 | | Qing Liu | liuximu | | Qingxin Yang | yangqingxin1993 | +| Quan Zhang | FriendshipBridge | | Shan Xiao | arlingtonroad | +| Shengnan Yu | goldfish-fish | | Shuai Yan | yanshuai615270 | | Sijie Yang | iyangsj | | Tianqi Zhang | NKztq | +| Weiqiang Zheng | wrayzheng | | Wenjie Tian | WJTian | | Wenlong Chen | LeroChen | | Wensi Yang | tianxinheihei | @@ -36,12 +48,16 @@ | Xiaoye Jiang | kidleaf-jiang | | Xin Li | lx-or-xxxl | | Yang Liu | dut-yangliu | +| Yusheng Sun | wodedipanr | +| Yuan Liu | lewisay | | Yuqi Xiao | YuqiXiao | | Zheng Liu | liuzheng | | Zhichao Lin | lxiaozhic | | Yuchen Wang | CHneger | +| Zhankang Han | leceshide | | | 0xflotus | | | calify | | | MoonShining | +| | odidev | | | u5surf | | | xiaocongwjb | diff --git a/Dockerfile b/Dockerfile index 66a8407a2..1a89d277a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.13.4-alpine AS build +FROM golang:1.13.11-alpine AS build WORKDIR /bfe COPY . . diff --git a/GOVERNANCE.md b/GOVERNANCE.md index 6cb0e687d..74471de4b 100644 --- a/GOVERNANCE.md +++ b/GOVERNANCE.md @@ -3,7 +3,7 @@ ## Principles The BFE community adheres to the following principles: -- Open: BFE is open source. See [Contributor License Agreement](https://cla-assistant.io/baidu/bfe). +- Open: BFE is open source. See [Contributor License Agreement](https://cla-assistant.io/bfenetworks/bfe). - Welcoming and respectful: See [Code of Conduct](CODE_OF_CONDUCT.md). - Transparent and accessible: Work and collaboration are done in public. - Merit: Ideas and contributions are accepted according to their technical merit and alignment with project objectives, scope, and design principles. @@ -29,7 +29,7 @@ The BFE community adheres to the following principles: * Classify GitHub issues and perform pull request reviews for other maintainers and the community. -* During GitHub issue classification, apply all applicable [labels](https://github.com/baidu/bfe/labels) +* During GitHub issue classification, apply all applicable [labels](https://github.com/bfenetworks/bfe/labels) to each new issue. Labels are extremely useful for follow-up of future issues. Which labels to apply is somewhat subjective so just use your best judgment. diff --git a/MAINTAINERS.md b/MAINTAINERS.md index 09475fafd..905ac40c6 100644 --- a/MAINTAINERS.md +++ b/MAINTAINERS.md @@ -3,15 +3,20 @@ This file lists who are the maintainers of the BFE project. The responsibilities for maintainers are listed in the [GOVERNANCE.md](GOVERNANCE.md) file. ## Project Leader - * [Miao Zhang](mailto:zhangmiao02@baidu.com) - * [Sijie Yang](mailto:yangsijie@baidu.com) +| Name | GitHub ID | Affiliation | +| ---- | --------- | ----------- | +| [Miao Zhang](mailto:zhangmiao02@baidu.com) | [mileszhang2016](https://github.com/mileszhang2016) | Baidu | +| [Sijie Yang](mailto:yangsijie@baidu.com) | [iyangsj](https://github.com/iyangsj) | Baidu | ## Senior Maintainers - * [Sijie Yang](mailto:yangsijie@baidu.com) +| Name | GitHub ID | Affiliation | +| ---- | --------- | ----------- | +| [Sijie Yang](mailto:yangsijie@baidu.com) | [iyangsj](https://github.com/iyangsj) | Baidu | ## Maintainers - * [Derek Zheng](mailto:shanhu5739@gmail.com) - * [Xiaofei Yu](mailto:nemo_00o@hotmail.com) - * [Wensi Yang](mailto:tianxinheihei@gmail.com) - * [Kaiyu Zheng](mailto:412674752@qq.com) - +| Name | GitHub ID | Affiliation | +| ---- | --------- | ----------- | +| [Derek Zheng](mailto:shanhu5739@gmail.com) | [shanhuhai5739](https://github.com/shanhuhai5739) | Kuaishou | +| [Xiaofei Yu](mailto:nemo_00o@hotmail.com) | [xiaofei0800](https://github.com/xiaofei0800) | Baidu | +| [Wensi Yang](mailto:tianxinheihei@gmail.com) | [tianxinheihei](https://github.com/tianxinheihei) | Baidu | +| [Kaiyu Zheng](mailto:412674752@qq.com) | [kaiyuzheng](https://github.com/kaiyuzheng) | ByteDance | diff --git a/Makefile b/Makefile index 39c51907f..130782f7f 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -# Copyright (c) 2019 Baidu, Inc. +# Copyright (c) 2019 The BFE Authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/NOTICE b/NOTICE index 1bc0cca1a..cf627b281 100644 --- a/NOTICE +++ b/NOTICE @@ -1,4 +1,4 @@ -Copyright (c) 2019 Baidu, Inc. All Rights Reserved. +Copyright (c) 2019 The BFE Authors. All Rights Reserved. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/README.md b/README.md index d3409d5fb..126575843 100644 --- a/README.md +++ b/README.md @@ -1,16 +1,16 @@ # BFE -[![GitHub](https://img.shields.io/github/license/baidu/bfe)](https://github.com/baidu/bfe/blob/develop/LICENSE) -[![Travis (.com)](https://img.shields.io/travis/com/baidu/bfe)](https://travis-ci.com/baidu/bfe) -[![Go Report Card](https://goreportcard.com/badge/github.com/baidu/bfe)](https://goreportcard.com/report/github.com/baidu/bfe) -[![GoDoc](https://godoc.org/github.com/baidu/bfe?status.svg)](https://godoc.org/github.com/baidu/bfe/bfe_module) -[![Snap Status](https://build.snapcraft.io/badge/baidu/bfe.svg)](https://build.snapcraft.io/user/baidu/bfe) +[![GitHub](https://img.shields.io/github/license/bfenetworks/bfe)](https://github.com/bfenetworks/bfe/blob/develop/LICENSE) +[![Travis](https://img.shields.io/travis/com/bfenetworks/bfe)](https://travis-ci.com/bfenetworks/bfe) +[![Go Report Card](https://goreportcard.com/badge/github.com/bfenetworks/bfe)](https://goreportcard.com/report/github.com/bfenetworks/bfe) +[![GoDoc](https://godoc.org/github.com/bfenetworks/bfe?status.svg)](https://godoc.org/github.com/bfenetworks/bfe/bfe_module) +[![Snap Status](https://build.snapcraft.io/badge/bfenetworks/bfe.svg)](https://build.snapcraft.io/user/bfenetworks/bfe) [![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/3209/badge)](https://bestpractices.coreinfrastructure.org/projects/3209) -[![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Fbaidu%2Fbfe.svg?type=shield)](https://app.fossa.io/reports/1bd1bae4-31bf-41bf-8865-320eedbd1f85) -[![CLA assistant](https://cla-assistant.io/readme/badge/baidu/bfe)](https://cla-assistant.io/baidu/bfe) -[![Slack Widget](https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=green)](https://bfe-networks.slack.com/messages/bfedev) +[![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Fbfenetworks%2Fbfe.svg?type=shield)](https://app.fossa.com/reports/1f05f9f0-ac3d-486e-8ba9-ad95dabd4768) +[![CLA assistant](https://cla-assistant.io/readme/badge/bfenetworks/bfe)](https://cla-assistant.io/bfenetworks/bfe) +[![Slack Widget](https://img.shields.io/badge/join-us%20on%20slack-gray.svg?longCache=true&logo=slack&colorB=green)](https://slack.cncf.io) -BFE is an open-source layer 7 load balancer derived from proprietary Baidu FrontEnd. +BFE is a modern layer 7 load balancer from baidu. ## Advantages - Multiple protocols supported, including HTTP, HTTPS, SPDY, HTTP2, WebSocket, TLS, etc. @@ -30,10 +30,10 @@ BFE is an open-source layer 7 load balancer derived from proprietary Baidu Front - [Chinese version](https://www.bfe-networks.net/zh_cn/ABOUT/) ## Contributing -- Please create an issue in [issue list](http://github.com/baidu/bfe/issues). +- Please create an issue in [issue list](http://github.com/bfenetworks/bfe/issues). - Contact Committers/Owners for further discussion if needed. - Following the golang coding standards. -- See the [CONTRIBUTING](CONTRIBUTING.md) file for details +- See the [CONTRIBUTING](CONTRIBUTING.md) file for details. ## Authors - Owners: [MAINTAINERS](MAINTAINERS.md) @@ -41,7 +41,7 @@ BFE is an open-source layer 7 load balancer derived from proprietary Baidu Front ## Communication - BFE community on Slack: [Sign up](https://join.slack.com/t/bfe-networks/shared_invite/zt-cn04xsqr-j7LDFmPkCuCZ39OLcHlMBA) and join channels on topics that interest you. -- BFE developer group on WeChat: [Send a request mail](mailto:bfe-osc@baidu.com) with your WeChat ID and a contribution you've made to BFE(such as a PR/Issue). We will invite you right away. +- BFE developer group on WeChat: [Send a request mail](mailto:yangsijie@baidu.com) with your WeChat ID and a contribution you've made to BFE(such as a PR/Issue). We will invite you right away. ## License BFE is under the Apache 2.0 license. See the [LICENSE](LICENSE) file for details. diff --git a/VERSION b/VERSION index 78bc1abd1..d9df1bbc0 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.10.0 +0.11.0 diff --git a/bfe.go b/bfe.go index 3480f0aae..24cb7be9d 100644 --- a/bfe.go +++ b/bfe.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -28,10 +28,10 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_config/bfe_conf" - "github.com/baidu/bfe/bfe_debug" - "github.com/baidu/bfe/bfe_server" - "github.com/baidu/bfe/bfe_util" + "github.com/bfenetworks/bfe/bfe_config/bfe_conf" + "github.com/bfenetworks/bfe/bfe_debug" + "github.com/bfenetworks/bfe/bfe_server" + "github.com/bfenetworks/bfe/bfe_util" ) var ( diff --git a/bfe_balance/backend/bfe_backend.go b/bfe_balance/backend/bfe_backend.go index 9293d18ca..969822a6f 100644 --- a/bfe_balance/backend/bfe_backend.go +++ b/bfe_balance/backend/bfe_backend.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -22,7 +22,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" ) // BfeBackend is a backend server. @@ -92,13 +92,13 @@ func (back *BfeBackend) setAvail(avail bool) { func (back *BfeBackend) ConnNum() int { back.RLock() - conns := back.connNum + connNum := back.connNum back.RUnlock() - return conns + return connNum } -func (back *BfeBackend) AddConnNum() { +func (back *BfeBackend) IncConnNum() { back.Lock() back.connNum++ back.Unlock() diff --git a/bfe_balance/backend/bfe_backend_test.go b/bfe_balance/backend/bfe_backend_test.go index 0aea931fa..4817e748f 100644 --- a/bfe_balance/backend/bfe_backend_test.go +++ b/bfe_balance/backend/bfe_backend_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,7 +19,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" ) func TestBfeBackendInit_case1(t *testing.T) { diff --git a/bfe_balance/backend/health_check.go b/bfe_balance/backend/health_check.go index 29705e005..05f0c9ad1 100644 --- a/bfe_balance/backend/health_check.go +++ b/bfe_balance/backend/health_check.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -29,8 +29,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/cluster_conf" - "github.com/baidu/bfe/bfe_debug" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/cluster_conf" + "github.com/bfenetworks/bfe/bfe_debug" ) func UpdateStatus(backend *BfeBackend, cluster string) bool { diff --git a/bfe_balance/backend/health_check_test.go b/bfe_balance/backend/health_check_test.go index 1ac9fc583..05a832634 100644 --- a/bfe_balance/backend/health_check_test.go +++ b/bfe_balance/backend/health_check_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -23,7 +23,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/cluster_conf" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/cluster_conf" ) // test CheckConnect, AnyStatusCode case diff --git a/bfe_balance/bal_gslb/bal_gslb.go b/bfe_balance/bal_gslb/bal_gslb.go index b3d2209cb..4bd1e6c02 100644 --- a/bfe_balance/bal_gslb/bal_gslb.go +++ b/bfe_balance/bal_gslb/bal_gslb.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -32,12 +32,12 @@ import ( ) import ( - bal_backend "github.com/baidu/bfe/bfe_balance/backend" - "github.com/baidu/bfe/bfe_balance/bal_slb" - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/cluster_conf" - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/gslb_conf" + bal_backend "github.com/bfenetworks/bfe/bfe_balance/backend" + "github.com/bfenetworks/bfe/bfe_balance/bal_slb" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/cluster_conf" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/gslb_conf" ) const ( diff --git a/bfe_balance/bal_gslb/bal_gslb_test.go b/bfe_balance/bal_gslb/bal_gslb_test.go index 113953c2e..10e7462c7 100644 --- a/bfe_balance/bal_gslb/bal_gslb_test.go +++ b/bfe_balance/bal_gslb/bal_gslb_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -22,11 +22,11 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/cluster_conf" - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/gslb_conf" - "github.com/baidu/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/cluster_conf" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/gslb_conf" + "github.com/bfenetworks/bfe/bfe_http" ) func loadJson(path string, v interface{}) error { diff --git a/bfe_balance/bal_gslb/state.go b/bfe_balance/bal_gslb/state.go index 1908fee81..ecce1426a 100644 --- a/bfe_balance/bal_gslb/state.go +++ b/bfe_balance/bal_gslb/state.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_balance/bal_gslb/sub_cluster.go b/bfe_balance/bal_gslb/sub_cluster.go index d8e44f204..6ea9c82c0 100644 --- a/bfe_balance/bal_gslb/sub_cluster.go +++ b/bfe_balance/bal_gslb/sub_cluster.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,9 +19,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_balance/backend" - "github.com/baidu/bfe/bfe_balance/bal_slb" - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" + "github.com/bfenetworks/bfe/bfe_balance/backend" + "github.com/bfenetworks/bfe/bfe_balance/bal_slb" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" ) // type of sub cluster diff --git a/bfe_balance/bal_slb/backend_rr.go b/bfe_balance/bal_slb/backend_rr.go index 63e9c9c89..54d79878b 100644 --- a/bfe_balance/bal_slb/backend_rr.go +++ b/bfe_balance/bal_slb/backend_rr.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,8 +17,8 @@ package bal_slb import ( - "github.com/baidu/bfe/bfe_balance/backend" - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" + "github.com/bfenetworks/bfe/bfe_balance/backend" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" ) type BackendRR struct { diff --git a/bfe_balance/bal_slb/backend_rr_test.go b/bfe_balance/bal_slb/backend_rr_test.go index 3bb4715d6..96b1d19e6 100644 --- a/bfe_balance/bal_slb/backend_rr_test.go +++ b/bfe_balance/bal_slb/backend_rr_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,7 +19,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" ) func TestBackendRRInit_case1(t *testing.T) { diff --git a/bfe_balance/bal_slb/bal_rr.go b/bfe_balance/bal_slb/bal_rr.go index 025f3dec3..fcd76dd31 100644 --- a/bfe_balance/bal_slb/bal_rr.go +++ b/bfe_balance/bal_slb/bal_rr.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -49,9 +49,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_balance/backend" - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" - "github.com/baidu/bfe/bfe_debug" + "github.com/bfenetworks/bfe/bfe_balance/backend" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" + "github.com/bfenetworks/bfe/bfe_debug" ) // implementation versions of weighted round robin algorithm diff --git a/bfe_balance/bal_slb/bal_rr_test.go b/bfe_balance/bal_slb/bal_rr_test.go index 1414d1bcd..1a6d673a5 100644 --- a/bfe_balance/bal_slb/bal_rr_test.go +++ b/bfe_balance/bal_slb/bal_rr_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -23,8 +23,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_balance/backend" - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" + "github.com/bfenetworks/bfe/bfe_balance/backend" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" ) func populateBackend(name, addr string, port int, avail bool) *backend.BfeBackend { @@ -71,7 +71,7 @@ func processBalance(t *testing.T, label string, algor int, key []byte, rr *Balan if err != nil { t.Errorf("should not error") } - r.AddConnNum() + r.IncConnNum() l = append(l, r.Name) } @@ -160,9 +160,9 @@ func TestUpdate(t *testing.T) { } b, _ := rr.Balance(WlcSmooth, []byte{1}) - b.AddConnNum() + b.IncConnNum() b, _ = rr.Balance(WlcSmooth, []byte{1}) - b.AddConnNum() + b.IncConnNum() for i := 0; i < len(rr.backends); i++ { brr := rr.backends[i] diff --git a/bfe_balance/bal_table.go b/bfe_balance/bal_table.go index c285b5129..f76177d1e 100644 --- a/bfe_balance/bal_table.go +++ b/bfe_balance/bal_table.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -27,11 +27,11 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_balance/backend" - "github.com/baidu/bfe/bfe_balance/bal_gslb" - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/gslb_conf" - "github.com/baidu/bfe/bfe_route" + "github.com/bfenetworks/bfe/bfe_balance/backend" + "github.com/bfenetworks/bfe/bfe_balance/bal_gslb" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/gslb_conf" + "github.com/bfenetworks/bfe/bfe_route" ) // BalMap holds mappings from clusterName to BalanceGslb. diff --git a/bfe_balance/bal_table_test.go b/bfe_balance/bal_table_test.go index 197cb3025..e07ba1283 100644 --- a/bfe_balance/bal_table_test.go +++ b/bfe_balance/bal_table_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,8 +19,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/gslb_conf" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/gslb_conf" ) func TestBalTableConfLoad(t *testing.T) { diff --git a/bfe_balance/bfe_balance.go b/bfe_balance/bfe_balance.go index 8a5d23160..58ca1f4eb 100644 --- a/bfe_balance/bfe_balance.go +++ b/bfe_balance/bfe_balance.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,11 +17,11 @@ package bfe_balance import ( - "github.com/baidu/bfe/bfe_balance/backend" - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/cluster_conf" - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" - "github.com/baidu/bfe/bfe_config/bfe_cluster_conf/gslb_conf" + "github.com/bfenetworks/bfe/bfe_balance/backend" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/cluster_conf" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/cluster_table_conf" + "github.com/bfenetworks/bfe/bfe_config/bfe_cluster_conf/gslb_conf" ) type BfeBalance interface { diff --git a/bfe_basic/action/action.go b/bfe_basic/action/action.go index 353e1857c..098928d3e 100644 --- a/bfe_basic/action/action.go +++ b/bfe_basic/action/action.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -22,7 +22,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_basic" ) const ( diff --git a/bfe_basic/action/action_host.go b/bfe_basic/action/action_host.go index da3b4cefd..041a50900 100644 --- a/bfe_basic/action/action_host.go +++ b/bfe_basic/action/action_host.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -18,7 +18,7 @@ import ( "strings" ) import ( - "github.com/baidu/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_basic" ) // ReqHostSet sets hostname to request. diff --git a/bfe_basic/action/action_path.go b/bfe_basic/action/action_path.go index d9c8baaa9..d8fccfa33 100644 --- a/bfe_basic/action/action_path.go +++ b/bfe_basic/action/action_path.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,7 +19,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_basic" ) // ReqPathSet sets path to request. diff --git a/bfe_basic/action/action_query.go b/bfe_basic/action/action_query.go index e1279ca36..5ce839e73 100644 --- a/bfe_basic/action/action_query.go +++ b/bfe_basic/action/action_query.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -21,7 +21,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_basic" ) // queryParse parses request query. diff --git a/bfe_basic/action/action_query_test.go b/bfe_basic/action/action_query_test.go index febf1ea09..98ea4afbb 100644 --- a/bfe_basic/action/action_query_test.go +++ b/bfe_basic/action/action_query_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,8 +20,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" ) func buildTestReq(uri string) *bfe_basic.Request { diff --git a/bfe_basic/action/action_rewrite_test.go b/bfe_basic/action/action_rewrite_test.go index 27ef05a52..78a865c45 100644 --- a/bfe_basic/action/action_rewrite_test.go +++ b/bfe_basic/action/action_rewrite_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -21,8 +21,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" ) func TestActionFileCheck_1(t *testing.T) { diff --git a/bfe_basic/action/action_test.go b/bfe_basic/action/action_test.go index 2dd2a8c9f..a2c9615e2 100644 --- a/bfe_basic/action/action_test.go +++ b/bfe_basic/action/action_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,8 +20,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" ) var actionTestCaseList = []struct { diff --git a/bfe_basic/common.go b/bfe_basic/common.go index e4b8a0fd4..66f6ff273 100644 --- a/bfe_basic/common.go +++ b/bfe_basic/common.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -15,8 +15,8 @@ package bfe_basic import ( - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_route/bfe_cluster" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_route/bfe_cluster" ) const ( diff --git a/bfe_basic/condition/build.go b/bfe_basic/condition/build.go index 7d2470edf..5413b8119 100644 --- a/bfe_basic/condition/build.go +++ b/bfe_basic/condition/build.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -23,7 +23,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic/condition/parser" + "github.com/bfenetworks/bfe/bfe_basic/condition/parser" ) func Build(condStr string) (Condition, error) { diff --git a/bfe_basic/condition/build_test.go b/bfe_basic/condition/build_test.go index 4c59bcf0c..e5d140e1c 100644 --- a/bfe_basic/condition/build_test.go +++ b/bfe_basic/condition/build_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -22,10 +22,10 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_tls" - "github.com/baidu/bfe/bfe_util/net_util" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_tls" + "github.com/bfenetworks/bfe/bfe_util/net_util" ) var ( diff --git a/bfe_basic/condition/composite.go b/bfe_basic/condition/composite.go index 34deca60b..df23a9adf 100644 --- a/bfe_basic/condition/composite.go +++ b/bfe_basic/condition/composite.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,8 +17,8 @@ package condition import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_basic/condition/parser" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_basic/condition/parser" ) // UnaryCond is unary condition for !cond diff --git a/bfe_basic/condition/condition.go b/bfe_basic/condition/condition.go index ca65e86eb..4a680e1a9 100644 --- a/bfe_basic/condition/condition.go +++ b/bfe_basic/condition/condition.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ package condition import ( - "github.com/baidu/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_basic" ) type Condition interface { diff --git a/bfe_basic/condition/parser/ast.go b/bfe_basic/condition/parser/ast.go index 6a4da039b..da4664c30 100644 --- a/bfe_basic/condition/parser/ast.go +++ b/bfe_basic/condition/parser/ast.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_basic/condition/parser/cond.y b/bfe_basic/condition/parser/cond.y index ed52e66f1..b76c08a1f 100755 --- a/bfe_basic/condition/parser/cond.y +++ b/bfe_basic/condition/parser/cond.y @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_basic/condition/parser/doc.go b/bfe_basic/condition/parser/doc.go index 94ff7efc7..177660f34 100755 --- a/bfe_basic/condition/parser/doc.go +++ b/bfe_basic/condition/parser/doc.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_basic/condition/parser/parser.go b/bfe_basic/condition/parser/parser.go index 6939e2b42..0fc1b6195 100644 --- a/bfe_basic/condition/parser/parser.go +++ b/bfe_basic/condition/parser/parser.go @@ -1,6 +1,6 @@ //go:generate goyacc -p cond cond.y -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_basic/condition/parser/parser_test.go b/bfe_basic/condition/parser/parser_test.go index d5cc3a181..c7cedecdc 100644 --- a/bfe_basic/condition/parser/parser_test.go +++ b/bfe_basic/condition/parser/parser_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_basic/condition/parser/scanner.go b/bfe_basic/condition/parser/scanner.go index 96dd3f0ea..9ea2d8b77 100644 --- a/bfe_basic/condition/parser/scanner.go +++ b/bfe_basic/condition/parser/scanner.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_basic/condition/parser/semant.go b/bfe_basic/condition/parser/semant.go index 8052abfd5..830bac216 100644 --- a/bfe_basic/condition/parser/semant.go +++ b/bfe_basic/condition/parser/semant.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_basic/condition/parser/token.go b/bfe_basic/condition/parser/token.go index 41133aecf..4140bfddf 100644 --- a/bfe_basic/condition/parser/token.go +++ b/bfe_basic/condition/parser/token.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_basic/condition/parser/walk.go b/bfe_basic/condition/parser/walk.go index ad5f7d35d..64aad49a6 100644 --- a/bfe_basic/condition/parser/walk.go +++ b/bfe_basic/condition/parser/walk.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_basic/condition/parser/y.go b/bfe_basic/condition/parser/y.go index fb5b3f6f4..45e318c00 100644 --- a/bfe_basic/condition/parser/y.go +++ b/bfe_basic/condition/parser/y.go @@ -58,6 +58,7 @@ var condToknames = [...]string{ "COMMENT", "ILLEGAL", } + var condStatenames = [...]string{} const condEofCode = 1 @@ -129,52 +130,52 @@ const condPrivate = 57344 const condLast = 23 var condAct = [...]int{ - 18, 20, 16, 2, 19, 17, 11, 9, 10, 8, 6, 12, 13, 3, 15, 4, 7, 8, 5, 14, 7, 8, 1, } -var condPact = [...]int{ +var condPact = [...]int{ 6, -1000, 15, 6, 6, -1000, -1, 6, 6, 11, -1000, -6, 3, -1000, -1000, -8, -1000, -1000, -1000, -10, -1000, } -var condPgo = [...]int{ +var condPgo = [...]int{ 0, 22, 3, 18, 14, } -var condR1 = [...]int{ +var condR1 = [...]int{ 0, 1, 2, 2, 2, 2, 2, 2, 3, 3, 4, 4, } -var condR2 = [...]int{ +var condR2 = [...]int{ 0, 1, 3, 3, 3, 2, 1, 1, 4, 3, 1, 3, } -var condChk = [...]int{ +var condChk = [...]int{ -1000, -1, -2, 7, 9, -3, 4, 5, 6, -2, -2, 7, -2, -2, 8, -4, 8, 11, 8, 12, 11, } -var condDef = [...]int{ +var condDef = [...]int{ 0, -2, 1, 0, 0, 6, 7, 0, 0, 0, 5, 0, 3, 4, 2, 0, 9, 10, 8, 0, 11, } -var condTok1 = [...]int{ +var condTok1 = [...]int{ 1, } -var condTok2 = [...]int{ +var condTok2 = [...]int{ 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, } + var condTok3 = [...]int{ 0, } diff --git a/bfe_basic/condition/primitive.go b/bfe_basic/condition/primitive.go index 695cdb046..1a1eb413f 100644 --- a/bfe_basic/condition/primitive.go +++ b/bfe_basic/condition/primitive.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -28,9 +28,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_basic/condition/parser" - "github.com/baidu/bfe/bfe_util/net_util" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_basic/condition/parser" + "github.com/bfenetworks/bfe/bfe_util/net_util" "github.com/spaolacci/murmur3" ) diff --git a/bfe_basic/condition/primitive_test.go b/bfe_basic/condition/primitive_test.go index b98774da7..6088520a9 100644 --- a/bfe_basic/condition/primitive_test.go +++ b/bfe_basic/condition/primitive_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,8 +20,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" ) func TestIn(t *testing.T) { diff --git a/bfe_basic/error_code.go b/bfe_basic/error_code.go index 1ad82bcde..48ae6d2d9 100644 --- a/bfe_basic/error_code.go +++ b/bfe_basic/error_code.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_basic/request.go b/bfe_basic/request.go index 74361b998..db375015e 100644 --- a/bfe_basic/request.go +++ b/bfe_basic/request.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -22,8 +22,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_balance/backend" - "github.com/baidu/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_balance/backend" + "github.com/bfenetworks/bfe/bfe_http" ) type BackendInfo struct { diff --git a/bfe_basic/request_stat.go b/bfe_basic/request_stat.go index afd35fa46..9b90b2e12 100644 --- a/bfe_basic/request_stat.go +++ b/bfe_basic/request_stat.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_basic/session.go b/bfe_basic/session.go index af85a64c2..a4920e5a4 100644 --- a/bfe_basic/session.go +++ b/bfe_basic/session.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,15 +17,15 @@ package bfe_basic import ( + "fmt" "net" "sync" "sync/atomic" "time" - "fmt" ) import ( - "github.com/baidu/bfe/bfe_tls" + "github.com/bfenetworks/bfe/bfe_tls" ) type Session struct { @@ -121,13 +121,13 @@ func (s *Session) SetError(errCode error, errMsg string) { s.lock.Unlock() } -func (s *Session) GetError() (error, string) { +func (s *Session) GetError() (string, error) { s.lock.Lock() errCode := s.ErrCode errMsg := s.ErrMsg s.lock.Unlock() - return errCode, errMsg + return errMsg, errCode } func (s *Session) SetContext(key, val interface{}) { diff --git a/bfe_bufio/bufio.go b/bfe_bufio/bufio.go index ab00235ca..997f20745 100644 --- a/bfe_bufio/bufio.go +++ b/bfe_bufio/bufio.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_bufio/bufio_test.go b/bfe_bufio/bufio_test.go index e2da4a888..832616671 100644 --- a/bfe_bufio/bufio_test.go +++ b/bfe_bufio/bufio_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_cluster_conf/cluster_conf/cluster_conf_load.go b/bfe_config/bfe_cluster_conf/cluster_conf/cluster_conf_load.go index de3232514..f0078298f 100644 --- a/bfe_config/bfe_cluster_conf/cluster_conf/cluster_conf_load.go +++ b/bfe_config/bfe_cluster_conf/cluster_conf/cluster_conf_load.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_cluster_conf/cluster_conf/cluster_conf_load_test.go b/bfe_config/bfe_cluster_conf/cluster_conf/cluster_conf_load_test.go index af40aae4f..ec610472a 100644 --- a/bfe_config/bfe_cluster_conf/cluster_conf/cluster_conf_load_test.go +++ b/bfe_config/bfe_cluster_conf/cluster_conf/cluster_conf_load_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_cluster_conf/cluster_table_conf/cluster_table_load.go b/bfe_config/bfe_cluster_conf/cluster_table_conf/cluster_table_load.go index 579779c1c..432ab8c1f 100644 --- a/bfe_config/bfe_cluster_conf/cluster_table_conf/cluster_table_load.go +++ b/bfe_config/bfe_cluster_conf/cluster_table_conf/cluster_table_load.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_cluster_conf/cluster_table_conf/cluster_table_load_test.go b/bfe_config/bfe_cluster_conf/cluster_table_conf/cluster_table_load_test.go index 26b78cac6..9372840f3 100644 --- a/bfe_config/bfe_cluster_conf/cluster_table_conf/cluster_table_load_test.go +++ b/bfe_config/bfe_cluster_conf/cluster_table_conf/cluster_table_load_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_cluster_conf/gslb_conf/gslb_conf_load.go b/bfe_config/bfe_cluster_conf/gslb_conf/gslb_conf_load.go index 9a867ae87..48543b096 100644 --- a/bfe_config/bfe_cluster_conf/gslb_conf/gslb_conf_load.go +++ b/bfe_config/bfe_cluster_conf/gslb_conf/gslb_conf_load.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_cluster_conf/gslb_conf/gslb_conf_load_test.go b/bfe_config/bfe_cluster_conf/gslb_conf/gslb_conf_load_test.go index 6364f203f..f231d13e6 100644 --- a/bfe_config/bfe_cluster_conf/gslb_conf/gslb_conf_load_test.go +++ b/bfe_config/bfe_cluster_conf/gslb_conf/gslb_conf_load_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_conf/bfe_config_load.go b/bfe_config/bfe_conf/bfe_config_load.go index bf66f440b..7adc45e8b 100644 --- a/bfe_config/bfe_conf/bfe_config_load.go +++ b/bfe_config/bfe_conf/bfe_config_load.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_conf/bfe_config_load_test.go b/bfe_config/bfe_conf/bfe_config_load_test.go index 8e1539a14..f447e416a 100644 --- a/bfe_config/bfe_conf/bfe_config_load_test.go +++ b/bfe_config/bfe_conf/bfe_config_load_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_conf/conf_basic.go b/bfe_config/bfe_conf/conf_basic.go index 63359a594..934ef2137 100644 --- a/bfe_config/bfe_conf/conf_basic.go +++ b/bfe_config/bfe_conf/conf_basic.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -25,7 +25,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_util" + "github.com/bfenetworks/bfe/bfe_util" ) const ( diff --git a/bfe_config/bfe_conf/conf_basic_test.go b/bfe_config/bfe_conf/conf_basic_test.go index 9c3c6465e..dd3dfb0c6 100644 --- a/bfe_config/bfe_conf/conf_basic_test.go +++ b/bfe_config/bfe_conf/conf_basic_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_conf/conf_https_basic.go b/bfe_config/bfe_conf/conf_https_basic.go index c432e9bde..8e63f24a2 100644 --- a/bfe_config/bfe_conf/conf_https_basic.go +++ b/bfe_config/bfe_conf/conf_https_basic.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -18,6 +18,7 @@ import ( "crypto/x509" "fmt" "io/ioutil" + "os" "strings" ) @@ -26,8 +27,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_tls" - "github.com/baidu/bfe/bfe_util" + "github.com/bfenetworks/bfe/bfe_tls" + "github.com/bfenetworks/bfe/bfe_util" ) var TlsVersionMap = map[string]uint16{ @@ -77,7 +78,8 @@ type ConfigHttpsBasic struct { EnableSslv2ClientHello bool // support sslv2 client hello for backward compatibility - ClientCABaseDir string // client root CAs base directory + ClientCABaseDir string // client root CAs base directory + ClientCRLBaseDir string // client cert CRL base directory } func (cfg *ConfigHttpsBasic) SetDefaultConf() { @@ -122,6 +124,11 @@ func (cfg *ConfigHttpsBasic) Check(confRoot string) error { return err } + err = clientCRLConfCheck(cfg, confRoot) + if err != nil { + return err + } + // check CipherSuites for _, cipherGroup := range cfg.CipherSuites { ciphers := strings.Split(cipherGroup, EquivCipherSep) @@ -180,6 +187,20 @@ func clientCABaseDirCheck(cfg *ConfigHttpsBasic, confRoot string) error { return nil } +func clientCRLConfCheck(cfg *ConfigHttpsBasic, confRoot string) error { + if len(cfg.ClientCRLBaseDir) == 0 { + log.Logger.Warn("ClientCRLBaseDir not set, use default value") + cfg.ClientCRLBaseDir = "tls_conf/client_crl" + } + + cfg.ClientCRLBaseDir = bfe_util.ConfPathProc(cfg.ClientCRLBaseDir, confRoot) + f, err := os.Stat(cfg.ClientCRLBaseDir) + if err != nil || !f.IsDir() { + return fmt.Errorf("ClientCRLBaseDir %s not exists", cfg.ClientCRLBaseDir) + } + return nil +} + func tlsVersionCheck(cfg *ConfigHttpsBasic) error { if len(cfg.MaxTlsVersion) == 0 { cfg.MaxTlsVersion = "VersionTLS12" diff --git a/bfe_config/bfe_conf/conf_https_basic_test.go b/bfe_config/bfe_conf/conf_https_basic_test.go index 112d42e15..a524ace17 100644 --- a/bfe_config/bfe_conf/conf_https_basic_test.go +++ b/bfe_config/bfe_conf/conf_https_basic_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_conf/conf_session_cache.go b/bfe_config/bfe_conf/conf_session_cache.go index 798095551..0b326da6d 100644 --- a/bfe_config/bfe_conf/conf_session_cache.go +++ b/bfe_config/bfe_conf/conf_session_cache.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_conf/conf_session_cache_test.go b/bfe_config/bfe_conf/conf_session_cache_test.go index ef2392c37..e67d8f024 100644 --- a/bfe_config/bfe_conf/conf_session_cache_test.go +++ b/bfe_config/bfe_conf/conf_session_cache_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_conf/conf_session_ticket.go b/bfe_config/bfe_conf/conf_session_ticket.go index 72d2fffb7..d1f7411f9 100644 --- a/bfe_config/bfe_conf/conf_session_ticket.go +++ b/bfe_config/bfe_conf/conf_session_ticket.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,7 +19,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_util" + "github.com/bfenetworks/bfe/bfe_util" ) type ConfigSessionTicket struct { diff --git a/bfe_config/bfe_conf/conf_session_ticket_test.go b/bfe_config/bfe_conf/conf_session_ticket_test.go index 87c9842b8..98efaa044 100644 --- a/bfe_config/bfe_conf/conf_session_ticket_test.go +++ b/bfe_config/bfe_conf/conf_session_ticket_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_conf/testdata/conf_all/bfe_1.conf b/bfe_config/bfe_conf/testdata/conf_all/bfe_1.conf index da58c4399..708f1e1cd 100644 --- a/bfe_config/bfe_conf/testdata/conf_all/bfe_1.conf +++ b/bfe_config/bfe_conf/testdata/conf_all/bfe_1.conf @@ -67,6 +67,7 @@ cipherSuites=TLS_RSA_WITH_3DES_EDE_CBC_SHA curvePreferences=CurveP256 ClientCABaseDir = ../data/tls_conf/client_cas +ClientCRLBaseDir = / [SessionCache] # disable session cache or not diff --git a/bfe_config/bfe_conf/testdata/conf_https_basic/bfe_1.conf b/bfe_config/bfe_conf/testdata/conf_https_basic/bfe_1.conf index 67625ba27..4469d2737 100644 --- a/bfe_config/bfe_conf/testdata/conf_https_basic/bfe_1.conf +++ b/bfe_config/bfe_conf/testdata/conf_https_basic/bfe_1.conf @@ -63,6 +63,7 @@ cipherSuites=TLS_RSA_WITH_3DES_EDE_CBC_SHA curvePreferences=CurveP256 ClientCABaseDir = ../data/tls_conf/client_cas +ClientCRLBaseDir = ./ [SessionCache] # disable session cache or not diff --git a/bfe_config/bfe_route_conf/host_rule_conf/host_table_load.go b/bfe_config/bfe_route_conf/host_rule_conf/host_table_load.go index bf7a37c08..44a64ab8a 100644 --- a/bfe_config/bfe_route_conf/host_rule_conf/host_table_load.go +++ b/bfe_config/bfe_route_conf/host_rule_conf/host_table_load.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_route_conf/host_rule_conf/host_table_load_test.go b/bfe_config/bfe_route_conf/host_rule_conf/host_table_load_test.go index ff7833e2c..426300557 100644 --- a/bfe_config/bfe_route_conf/host_rule_conf/host_table_load_test.go +++ b/bfe_config/bfe_route_conf/host_rule_conf/host_table_load_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_route_conf/route_rule_conf/route_table_load.go b/bfe_config/bfe_route_conf/route_rule_conf/route_table_load.go index 42bbfe685..3e953c0c8 100644 --- a/bfe_config/bfe_route_conf/route_rule_conf/route_table_load.go +++ b/bfe_config/bfe_route_conf/route_rule_conf/route_table_load.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -24,7 +24,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic/condition" + "github.com/bfenetworks/bfe/bfe_basic/condition" ) // RouteRule is composed by a condition and cluster to serve diff --git a/bfe_config/bfe_route_conf/route_rule_conf/route_table_load_test.go b/bfe_config/bfe_route_conf/route_rule_conf/route_table_load_test.go index 899102a28..b00450028 100644 --- a/bfe_config/bfe_route_conf/route_rule_conf/route_table_load_test.go +++ b/bfe_config/bfe_route_conf/route_rule_conf/route_table_load_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_route_conf/vip_rule_conf/vip_table_load.go b/bfe_config/bfe_route_conf/vip_rule_conf/vip_table_load.go index 67d8bc545..2e372b663 100644 --- a/bfe_config/bfe_route_conf/vip_rule_conf/vip_table_load.go +++ b/bfe_config/bfe_route_conf/vip_rule_conf/vip_table_load.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_route_conf/vip_rule_conf/vip_table_load_test.go b/bfe_config/bfe_route_conf/vip_rule_conf/vip_table_load_test.go index 5eef73c20..8fcec0a26 100644 --- a/bfe_config/bfe_route_conf/vip_rule_conf/vip_table_load_test.go +++ b/bfe_config/bfe_route_conf/vip_rule_conf/vip_table_load_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_tls_conf/server_cert_conf/server_cert_conf_load.go b/bfe_config/bfe_tls_conf/server_cert_conf/server_cert_conf_load.go index d137ad22e..64bedf957 100644 --- a/bfe_config/bfe_tls_conf/server_cert_conf/server_cert_conf_load.go +++ b/bfe_config/bfe_tls_conf/server_cert_conf/server_cert_conf_load.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -28,8 +28,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_tls" - "github.com/baidu/bfe/bfe_util" + "github.com/bfenetworks/bfe/bfe_tls" + "github.com/bfenetworks/bfe/bfe_util" ) const ( diff --git a/bfe_config/bfe_tls_conf/session_ticket_key_conf/session_ticket_key_conf.go b/bfe_config/bfe_tls_conf/session_ticket_key_conf/session_ticket_key_conf.go index d0a4dc1d6..a0395099a 100644 --- a/bfe_config/bfe_tls_conf/session_ticket_key_conf/session_ticket_key_conf.go +++ b/bfe_config/bfe_tls_conf/session_ticket_key_conf/session_ticket_key_conf.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_tls_conf/session_ticket_key_conf/session_ticket_key_conf_test.go b/bfe_config/bfe_tls_conf/session_ticket_key_conf/session_ticket_key_conf_test.go index 7a658f693..a86b3dcb8 100644 --- a/bfe_config/bfe_tls_conf/session_ticket_key_conf/session_ticket_key_conf_test.go +++ b/bfe_config/bfe_tls_conf/session_ticket_key_conf/session_ticket_key_conf_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_config/bfe_tls_conf/tls_rule_conf/testdata/tls_rule.data b/bfe_config/bfe_tls_conf/tls_rule_conf/testdata/tls_rule.data index e4f05863e..41284fd3e 100644 --- a/bfe_config/bfe_tls_conf/tls_rule_conf/testdata/tls_rule.data +++ b/bfe_config/bfe_tls_conf/tls_rule_conf/testdata/tls_rule.data @@ -17,12 +17,18 @@ "NextProtos": ["spdy/3.1;rate=50", "http/1.1"], "VipConf" : ["1.0.0.4"], "Grade" : "B" - }, + }, "pt": { "CertName": "*.example.com", "NextProtos": ["h2;rate=30", "spdy/3.1;rate=50", "http/1.1"], "VipConf" : ["1.0.0.5"], "Grade" : "B" - } + }, + "pm": { + "CertName": "*.baidu.com", + "NextProtos": ["stream;level=2;pp=1"], + "VipConf" : ["1.0.0.6"], + "Grade" : "B" + } } } diff --git a/bfe_config/bfe_tls_conf/tls_rule_conf/tls_rule_conf_load.go b/bfe_config/bfe_tls_conf/tls_rule_conf/tls_rule_conf_load.go index 03c62dd39..573b7892d 100644 --- a/bfe_config/bfe_tls_conf/tls_rule_conf/tls_rule_conf_load.go +++ b/bfe_config/bfe_tls_conf/tls_rule_conf/tls_rule_conf_load.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -16,8 +16,10 @@ package tls_rule_conf import ( "crypto/x509" + "crypto/x509/pkix" "encoding/json" "fmt" + "io/ioutil" "net" "net/url" "os" @@ -27,9 +29,13 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_config/bfe_conf" - "github.com/baidu/bfe/bfe_config/bfe_tls_conf/server_cert_conf" - "github.com/baidu/bfe/bfe_tls" + "github.com/baidu/go-lib/log" +) + +import ( + "github.com/bfenetworks/bfe/bfe_config/bfe_conf" + "github.com/bfenetworks/bfe/bfe_config/bfe_tls_conf/server_cert_conf" + "github.com/bfenetworks/bfe/bfe_tls" ) // Notes about `NextProtos`: @@ -94,11 +100,18 @@ type TlsRuleConf struct { type TlsRuleMap map[string]*TlsRuleConf // product -> pointer to tls rule conf +const ( + ProxyProtocolDisabled = 0 + ProxyProtocolV1Enabled = 1 + ProxyProtocolV2Enabled = 2 +) + type NextProtosParams struct { Level int // protocol negotiation level Mcs int // max concurrent stream per conn Isw int // initial stream window for server Rate int // presence rate while level is PROTO_OPTIONAL + PP int // proxy protocol to backend, 0: disable, 1: enable v1 pp, 2: enable v2 pp } func GetDefaultNextProtosParams() NextProtosParams { @@ -107,6 +120,7 @@ func GetDefaultNextProtosParams() NextProtosParams { Mcs: 200, Isw: 65535, Rate: 100, + PP: 0, } } @@ -223,6 +237,14 @@ func CheckValidProto(protoConf string) error { return fmt.Errorf("proto rate for http/1.1 should be 100") } + // check proxy protocol + if params.PP < ProxyProtocolDisabled || params.PP > ProxyProtocolV2Enabled { + return fmt.Errorf("proto pp should be [%d, %d]", ProxyProtocolDisabled, ProxyProtocolV2Enabled) + } + if params.PP != ProxyProtocolDisabled && proto != STREAM { + return fmt.Errorf("param pp is only available for %s proto", STREAM) + } + // check next proto for _, validProto := range validNextProtos { if proto == validProto { @@ -276,6 +298,10 @@ func parseProtoParams(protoConf string) (params NextProtosParams, err error) { if params.Rate, err = strconv.Atoi(vals[0]); err != nil { return params, fmt.Errorf("invalid rate: %s", vals[0]) } + case "pp": + if params.PP, err = strconv.Atoi(vals[0]); err != nil { + return params, fmt.Errorf("invalid pp: %s", vals[0]) + } default: return params, fmt.Errorf("unknown params: %s", key) } @@ -444,6 +470,66 @@ func ClientCALoad(tlsRuleMap TlsRuleMap, clientCADir string) (map[string]*x509.C return clientCAMap, nil } +func getCientCRL(clientCRLDir, clientCAName string) ([]*pkix.CertificateList, error) { + clientCRLSubDir := filepath.Join(clientCRLDir, clientCAName) + crlFiles, err := ioutil.ReadDir(clientCRLSubDir) + if err != nil { + log.Logger.Debug("ioutil.ReadDir %s failed: %v", clientCRLSubDir, err) + return nil, nil + } + + var crls []*pkix.CertificateList + for _, crlFile := range crlFiles { + if crlFile.IsDir() { + continue + } + + if !strings.HasSuffix(crlFile.Name(), ".crl") { + continue + } + + crlFilePath := filepath.Join(clientCRLSubDir, crlFile.Name()) + fileContent, err := ioutil.ReadFile(crlFilePath) + if err != nil { + return nil, fmt.Errorf("read crl %s failed, %v", crlFilePath, err) + } + + crl, err := x509.ParseCRL(fileContent) + if err != nil { + return nil, fmt.Errorf("parse crl %s failed, %v", crlFilePath, err) + } + + log.Logger.Debug("read %s success", crlFile.Name()) + crls = append(crls, crl) + } + return crls, nil +} + +func ClientCRLLoad(clientCAMap map[string]*x509.CertPool, clientCRLDir string) (map[string]*bfe_tls.CRLPool, error) { + clientCRLPoolMap := make(map[string]*bfe_tls.CRLPool) + for clientCAName := range clientCAMap { + crls, err := getCientCRL(clientCRLDir, clientCAName) + if err != nil { + return nil, err + } + + if crls == nil { + continue + } + + crlPool := bfe_tls.NewCRLPool() + for _, crl := range crls { + if err := crlPool.AddCRL(crl); err != nil { + return nil, fmt.Errorf("client_ca %s read crl: %v", clientCAName, err) + } + } + + clientCRLPoolMap[clientCAName] = crlPool + } + + return clientCRLPoolMap, nil +} + // TlsRuleConfLoad load config of rule from file. func TlsRuleConfLoad(filename string) (BfeTlsRuleConf, error) { var config BfeTlsRuleConf diff --git a/bfe_config/bfe_tls_conf/tls_rule_conf/tls_rule_conf_load_test.go b/bfe_config/bfe_tls_conf/tls_rule_conf/tls_rule_conf_load_test.go index 678e7e539..9266cc5b8 100644 --- a/bfe_config/bfe_tls_conf/tls_rule_conf/tls_rule_conf_load_test.go +++ b/bfe_config/bfe_tls_conf/tls_rule_conf/tls_rule_conf_load_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_tls" + "github.com/bfenetworks/bfe/bfe_tls" ) func TestTlsRuleConfLoad(t *testing.T) { @@ -55,6 +55,12 @@ func TestTlsRuleConfLoad(t *testing.T) { VipConf: []string{"1.0.0.5"}, Grade: "B", } + confExpect.Config["pm"] = &TlsRuleConf{ + CertName: "*.baidu.com", + NextProtos: []string{"stream;level=2;pp=1"}, + VipConf: []string{"1.0.0.6"}, + Grade: "B", + } if !reflect.DeepEqual(confExpect, confActual) { t.Errorf("config expect %v, actual %v", confExpect, confActual) diff --git a/bfe_debug/bfe_debug.go b/bfe_debug/bfe_debug.go index be25764d1..2042359a3 100644 --- a/bfe_debug/bfe_debug.go +++ b/bfe_debug/bfe_debug.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ package bfe_debug import ( - "github.com/baidu/bfe/bfe_config/bfe_conf" + "github.com/bfenetworks/bfe/bfe_config/bfe_conf" ) var ( diff --git a/bfe_http/chunked.go b/bfe_http/chunked.go index c98bee29d..3faf6929e 100644 --- a/bfe_http/chunked.go +++ b/bfe_http/chunked.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -27,7 +27,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_bufio" + "github.com/bfenetworks/bfe/bfe_bufio" ) const maxLineLength = 4096 // assumed <= bufio.defaultBufSize diff --git a/bfe_http/chunked_test.go b/bfe_http/chunked_test.go index 9a848d713..a5b1f6cbe 100644 --- a/bfe_http/chunked_test.go +++ b/bfe_http/chunked_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http/client.go b/bfe_http/client.go index 1a88435d0..bfb772b80 100644 --- a/bfe_http/client.go +++ b/bfe_http/client.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http/common.go b/bfe_http/common.go index 32842ce91..13378c283 100644 --- a/bfe_http/common.go +++ b/bfe_http/common.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -35,8 +35,8 @@ import ( ) import ( - bufio "github.com/baidu/bfe/bfe_bufio" - tls "github.com/baidu/bfe/bfe_tls" + bufio "github.com/bfenetworks/bfe/bfe_bufio" + tls "github.com/bfenetworks/bfe/bfe_tls" ) // DefaultMaxHeaderBytes is the maximum permitted size of the headers in an HTTP request. diff --git a/bfe_http/cookie.go b/bfe_http/cookie.go index 69e8599c7..c768f6196 100644 --- a/bfe_http/cookie.go +++ b/bfe_http/cookie.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http/cookie_test.go b/bfe_http/cookie_test.go index 4af5654da..98959a295 100644 --- a/bfe_http/cookie_test.go +++ b/bfe_http/cookie_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http/eof_reader.go b/bfe_http/eof_reader.go index 13118da61..889d17e36 100644 --- a/bfe_http/eof_reader.go +++ b/bfe_http/eof_reader.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http/header.go b/bfe_http/header.go index 5588837fd..2e3513fd3 100644 --- a/bfe_http/header.go +++ b/bfe_http/header.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -26,7 +26,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_net/textproto" + "github.com/bfenetworks/bfe/bfe_net/textproto" ) // TimeFormat is the time format to use with diff --git a/bfe_http/header_test.go b/bfe_http/header_test.go index ac6354f9e..3cb6613bb 100644 --- a/bfe_http/header_test.go +++ b/bfe_http/header_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http/httputil/persist.go b/bfe_http/httputil/persist.go index f6a3a9688..4dc0e8573 100644 --- a/bfe_http/httputil/persist.go +++ b/bfe_http/httputil/persist.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -27,8 +27,8 @@ import ( ) import ( - bufio "github.com/baidu/bfe/bfe_bufio" - http "github.com/baidu/bfe/bfe_http" + bufio "github.com/bfenetworks/bfe/bfe_bufio" + http "github.com/bfenetworks/bfe/bfe_http" ) var ( diff --git a/bfe_http/lex.go b/bfe_http/lex.go index 25c9ea934..e6aa32eef 100644 --- a/bfe_http/lex.go +++ b/bfe_http/lex.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http/lex_test.go b/bfe_http/lex_test.go index 7e2bad761..cda55c123 100644 --- a/bfe_http/lex_test.go +++ b/bfe_http/lex_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http/readrequest_test.go b/bfe_http/readrequest_test.go index ec4daa4b1..9feb69fb9 100644 --- a/bfe_http/readrequest_test.go +++ b/bfe_http/readrequest_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -29,7 +29,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_bufio" + "github.com/bfenetworks/bfe/bfe_bufio" ) type reqTest struct { diff --git a/bfe_http/request.go b/bfe_http/request.go index 2495404ef..35c82eb88 100644 --- a/bfe_http/request.go +++ b/bfe_http/request.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -33,14 +33,14 @@ import ( "net/url" "strconv" "strings" + "sync" "time" ) import ( - "github.com/baidu/bfe/bfe_bufio" - "github.com/baidu/bfe/bfe_net/textproto" - "github.com/baidu/bfe/bfe_tls" - "sync" + "github.com/bfenetworks/bfe/bfe_bufio" + "github.com/bfenetworks/bfe/bfe_net/textproto" + "github.com/bfenetworks/bfe/bfe_tls" ) const ( diff --git a/bfe_http/request_test.go b/bfe_http/request_test.go index a9fca1603..f0c8ff799 100644 --- a/bfe_http/request_test.go +++ b/bfe_http/request_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -33,7 +33,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_bufio" + "github.com/bfenetworks/bfe/bfe_bufio" ) func TestQuery(t *testing.T) { diff --git a/bfe_http/requestwrite_test.go b/bfe_http/requestwrite_test.go index e0ca586d0..428523466 100644 --- a/bfe_http/requestwrite_test.go +++ b/bfe_http/requestwrite_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http/response.go b/bfe_http/response.go index eaeca97e8..7d4ce6905 100644 --- a/bfe_http/response.go +++ b/bfe_http/response.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -29,9 +29,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_bufio" - "github.com/baidu/bfe/bfe_net/textproto" - "github.com/baidu/bfe/bfe_tls" + "github.com/bfenetworks/bfe/bfe_bufio" + "github.com/bfenetworks/bfe/bfe_net/textproto" + "github.com/bfenetworks/bfe/bfe_tls" ) var respExcludeHeader = map[string]bool{ diff --git a/bfe_http/response_test.go b/bfe_http/response_test.go index a48a29541..43e951f1a 100644 --- a/bfe_http/response_test.go +++ b/bfe_http/response_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -32,7 +32,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_bufio" + "github.com/bfenetworks/bfe/bfe_bufio" ) type respTest struct { diff --git a/bfe_http/response_writer.go b/bfe_http/response_writer.go index 0db82d7d3..18bf6c60d 100644 --- a/bfe_http/response_writer.go +++ b/bfe_http/response_writer.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http/responsewrite_test.go b/bfe_http/responsewrite_test.go index df7152867..451f9099b 100644 --- a/bfe_http/responsewrite_test.go +++ b/bfe_http/responsewrite_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http/sniff.go b/bfe_http/sniff.go index ce4010569..6e469b264 100644 --- a/bfe_http/sniff.go +++ b/bfe_http/sniff.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http/state.go b/bfe_http/state.go index c6718be8c..c9763b4dd 100644 --- a/bfe_http/state.go +++ b/bfe_http/state.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http/status.go b/bfe_http/status.go index 0d57c1235..648ccb62e 100644 --- a/bfe_http/status.go +++ b/bfe_http/status.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http/transfer.go b/bfe_http/transfer.go index f5e15bd3b..6c75911f7 100644 --- a/bfe_http/transfer.go +++ b/bfe_http/transfer.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -30,8 +30,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_bufio" - "github.com/baidu/bfe/bfe_net/textproto" + "github.com/bfenetworks/bfe/bfe_bufio" + "github.com/bfenetworks/bfe/bfe_net/textproto" ) // transferWriter inspects the fields of a user-supplied Request or Response, diff --git a/bfe_http/transfer_test.go b/bfe_http/transfer_test.go index e8915f900..14bce7d17 100644 --- a/bfe_http/transfer_test.go +++ b/bfe_http/transfer_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -24,7 +24,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_bufio" + "github.com/bfenetworks/bfe/bfe_bufio" ) func TestBodyReadBadTrailer(t *testing.T) { diff --git a/bfe_http/transport.go b/bfe_http/transport.go index 0892720c7..1c2bae3c1 100644 --- a/bfe_http/transport.go +++ b/bfe_http/transport.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -42,8 +42,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_bufio" - "github.com/baidu/bfe/bfe_tls" + "github.com/bfenetworks/bfe/bfe_bufio" + "github.com/bfenetworks/bfe/bfe_tls" ) // DefaultTransport is the default implementation of Transport and is @@ -606,8 +606,8 @@ func useProxy(addr string) bool { } } - no_proxy := getenvEitherCase("NO_PROXY") - if no_proxy == "*" { + noProxy := getenvEitherCase("NO_PROXY") + if noProxy == "*" { return false } @@ -616,7 +616,7 @@ func useProxy(addr string) bool { addr = addr[:strings.LastIndex(addr, ":")] } - for _, p := range strings.Split(no_proxy, ",") { + for _, p := range strings.Split(noProxy, ",") { p = strings.ToLower(strings.TrimSpace(p)) if len(p) == 0 { continue diff --git a/bfe_http2/errors.go b/bfe_http2/errors.go index b6d133a52..ad05a2cdd 100644 --- a/bfe_http2/errors.go +++ b/bfe_http2/errors.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http2/errors_test.go b/bfe_http2/errors_test.go index 99f40294b..33b9d3694 100644 --- a/bfe_http2/errors_test.go +++ b/bfe_http2/errors_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http2/flow.go b/bfe_http2/flow.go index 79a7b9394..75871b795 100644 --- a/bfe_http2/flow.go +++ b/bfe_http2/flow.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http2/flow_test.go b/bfe_http2/flow_test.go index d568ee979..600c62c6d 100644 --- a/bfe_http2/flow_test.go +++ b/bfe_http2/flow_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http2/frame.go b/bfe_http2/frame.go index 615d0950e..3d5dfe47b 100644 --- a/bfe_http2/frame.go +++ b/bfe_http2/frame.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -30,8 +30,8 @@ import ( ) import ( - http "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_http2/hpack" + http "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_http2/hpack" ) const frameHeaderLen = 9 diff --git a/bfe_http2/frame_test.go b/bfe_http2/frame_test.go index a7d024fe7..6cdd48ddd 100644 --- a/bfe_http2/frame_test.go +++ b/bfe_http2/frame_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -29,7 +29,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_http2/hpack" + "github.com/bfenetworks/bfe/bfe_http2/hpack" ) func testFramer() (*Framer, *bytes.Buffer) { diff --git a/bfe_http2/headermap.go b/bfe_http2/headermap.go index d40a9eebc..d8ab6ff71 100644 --- a/bfe_http2/headermap.go +++ b/bfe_http2/headermap.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -23,7 +23,7 @@ import ( ) import ( - http "github.com/baidu/bfe/bfe_http" + http "github.com/bfenetworks/bfe/bfe_http" ) var ( diff --git a/bfe_http2/hpack/encode.go b/bfe_http2/hpack/encode.go index 7d3b35093..b540e67d2 100644 --- a/bfe_http2/hpack/encode.go +++ b/bfe_http2/hpack/encode.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http2/hpack/encode_test.go b/bfe_http2/hpack/encode_test.go index 935b22c72..ce6818946 100644 --- a/bfe_http2/hpack/encode_test.go +++ b/bfe_http2/hpack/encode_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http2/hpack/hpack.go b/bfe_http2/hpack/hpack.go index 46e4acb3b..e4078ba37 100644 --- a/bfe_http2/hpack/hpack.go +++ b/bfe_http2/hpack/hpack.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http2/hpack/hpack_test.go b/bfe_http2/hpack/hpack_test.go index 10030a207..778526146 100644 --- a/bfe_http2/hpack/hpack_test.go +++ b/bfe_http2/hpack/hpack_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http2/hpack/huffman.go b/bfe_http2/hpack/huffman.go index 918b17e00..ac0568239 100644 --- a/bfe_http2/hpack/huffman.go +++ b/bfe_http2/hpack/huffman.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http2/hpack/tables.go b/bfe_http2/hpack/tables.go index 3da22a6e2..baf1a8ece 100644 --- a/bfe_http2/hpack/tables.go +++ b/bfe_http2/hpack/tables.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http2/http2.go b/bfe_http2/http2.go index cdd22502a..edcb6c3d1 100644 --- a/bfe_http2/http2.go +++ b/bfe_http2/http2.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -42,8 +42,8 @@ import ( ) import ( - http "github.com/baidu/bfe/bfe_http" - tls "github.com/baidu/bfe/bfe_tls" + http "github.com/bfenetworks/bfe/bfe_http" + tls "github.com/bfenetworks/bfe/bfe_tls" ) var ( @@ -553,7 +553,7 @@ func acceptRequest() bool { } type ServerRule interface { - GetRule(conn *tls.Conn) *Rule + GetHTTP2Rule(conn *tls.Conn) *Rule } // customized http2 config for specific conn in server side diff --git a/bfe_http2/http2_test.go b/bfe_http2/http2_test.go index c09e31e8b..676341ed4 100644 --- a/bfe_http2/http2_test.go +++ b/bfe_http2/http2_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -34,8 +34,8 @@ import ( ) import ( - http "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_http2/hpack" + http "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_http2/hpack" ) var knownFailing = flag.Bool("known_failing", false, "Run known-failing tests.") diff --git a/bfe_http2/priority_test.go b/bfe_http2/priority_test.go index 96ad3fe5c..b1a4b2ec2 100644 --- a/bfe_http2/priority_test.go +++ b/bfe_http2/priority_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http2/server.go b/bfe_http2/server.go index c607acd77..bc0f72b0f 100644 --- a/bfe_http2/server.go +++ b/bfe_http2/server.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -42,10 +42,10 @@ import ( ) import ( - http "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_http2/hpack" - tls "github.com/baidu/bfe/bfe_tls" - "github.com/baidu/bfe/bfe_util/pipe" + http "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_http2/hpack" + tls "github.com/bfenetworks/bfe/bfe_tls" + "github.com/bfenetworks/bfe/bfe_util/pipe" ) const ( @@ -340,7 +340,7 @@ func (s *Server) ServeConn(c net.Conn, opts *ServeConnOpts) { // get rule for current conn var r *Rule if tlsConn, ok := c.(*tls.Conn); ok && serverRule != nil { - r = serverRule.GetRule(tlsConn) + r = serverRule.GetHTTP2Rule(tlsConn) } sc := &serverConn{ @@ -445,7 +445,7 @@ func (s *Server) ServeConn(c net.Conn, opts *ServeConnOpts) { sc.serve() } -// isBadCipher reports whether the cipher is blacklisted by the HTTP/2 spec. +// isBadCipher reports whether the cipher is blocklisted by the HTTP/2 spec. func isBadCipher(cipher uint16) bool { switch cipher { case tls.TLS_RSA_WITH_RC4_128_SHA, diff --git a/bfe_http2/server_test.go b/bfe_http2/server_test.go index 837aa2fa9..57fe049be 100644 --- a/bfe_http2/server_test.go +++ b/bfe_http2/server_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -38,10 +38,10 @@ import ( ) import ( - http "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_http2/hpack" - tls "github.com/baidu/bfe/bfe_tls" - util "github.com/baidu/bfe/bfe_util" + http "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_http2/hpack" + tls "github.com/bfenetworks/bfe/bfe_tls" + util "github.com/bfenetworks/bfe/bfe_util" ) var stderrVerbose = flag.Bool("stderr_verbose", false, "Mirror verbosity to stderr, unbuffered") diff --git a/bfe_http2/state.go b/bfe_http2/state.go index 85e87dab5..82342ef5d 100644 --- a/bfe_http2/state.go +++ b/bfe_http2/state.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http2/write.go b/bfe_http2/write.go index 7d134d3b7..5a5db229a 100644 --- a/bfe_http2/write.go +++ b/bfe_http2/write.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -26,8 +26,8 @@ import ( ) import ( - http "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_http2/hpack" + http "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_http2/hpack" ) // writeFramer is implemented by any type that is used to write frames. diff --git a/bfe_http2/writesched.go b/bfe_http2/writesched.go index d5d89f924..52b4ea37d 100644 --- a/bfe_http2/writesched.go +++ b/bfe_http2/writesched.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_http2/z_spec_test.go b/bfe_http2/z_spec_test.go index bdcbe5ae0..aa5dc62ec 100644 --- a/bfe_http2/z_spec_test.go +++ b/bfe_http2/z_spec_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_module/bfe_callback.go b/bfe_module/bfe_callback.go index fc17503be..021c44e3c 100644 --- a/bfe_module/bfe_callback.go +++ b/bfe_module/bfe_callback.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -75,8 +75,8 @@ func NewBfeCallbacks() *BfeCallbacks { // create handler list for each callback point // for HandlesAccept - bfeCallbacks.callbacks[HandleAccept] = NewHandlerList(HandleAccept) - bfeCallbacks.callbacks[HandleHandshake] = NewHandlerList(HandleAccept) + bfeCallbacks.callbacks[HandleAccept] = NewHandlerList(HandlersAccept) + bfeCallbacks.callbacks[HandleHandshake] = NewHandlerList(HandlersAccept) // for HandlersRequest bfeCallbacks.callbacks[HandleBeforeLocation] = NewHandlerList(HandlersRequest) diff --git a/bfe_module/bfe_filter.go b/bfe_module/bfe_filter.go index ff2d86603..e05b009ab 100644 --- a/bfe_module/bfe_filter.go +++ b/bfe_module/bfe_filter.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -49,8 +49,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" ) // RequestFilter filters incomming requests and return a response or nil. diff --git a/bfe_module/bfe_handler_list.go b/bfe_module/bfe_handler_list.go index 0645f0d65..e4ea6a1b9 100644 --- a/bfe_module/bfe_handler_list.go +++ b/bfe_module/bfe_handler_list.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -26,8 +26,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" ) // HandlerList type. diff --git a/bfe_module/bfe_module.go b/bfe_module/bfe_module.go index 67a79264f..72c7c7e50 100644 --- a/bfe_module/bfe_module.go +++ b/bfe_module/bfe_module.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_module/bfe_plugin.go b/bfe_module/bfe_plugin.go index 2381e62cd..7cdb00e48 100644 --- a/bfe_module/bfe_plugin.go +++ b/bfe_module/bfe_plugin.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -25,7 +25,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_util/semver" + "github.com/bfenetworks/bfe/bfe_util/semver" ) type BfePlugins struct { diff --git a/bfe_module/bfe_plugin_info.go b/bfe_module/bfe_plugin_info.go index efe57bfd6..23ca40903 100644 --- a/bfe_module/bfe_plugin_info.go +++ b/bfe_module/bfe_plugin_info.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/bfe_modules.go b/bfe_modules/bfe_modules.go index b26ff87f1..c6b056647 100644 --- a/bfe_modules/bfe_modules.go +++ b/bfe_modules/bfe_modules.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,28 +17,31 @@ package bfe_modules import ( - "github.com/baidu/bfe/bfe_module" - "github.com/baidu/bfe/bfe_modules/mod_access" - "github.com/baidu/bfe/bfe_modules/mod_auth_basic" - "github.com/baidu/bfe/bfe_modules/mod_auth_jwt" - "github.com/baidu/bfe/bfe_modules/mod_auth_request" - "github.com/baidu/bfe/bfe_modules/mod_block" - "github.com/baidu/bfe/bfe_modules/mod_compress" - "github.com/baidu/bfe/bfe_modules/mod_doh" - "github.com/baidu/bfe/bfe_modules/mod_errors" - "github.com/baidu/bfe/bfe_modules/mod_geo" - "github.com/baidu/bfe/bfe_modules/mod_header" - "github.com/baidu/bfe/bfe_modules/mod_http_code" - "github.com/baidu/bfe/bfe_modules/mod_key_log" - "github.com/baidu/bfe/bfe_modules/mod_logid" - "github.com/baidu/bfe/bfe_modules/mod_prison" - "github.com/baidu/bfe/bfe_modules/mod_redirect" - "github.com/baidu/bfe/bfe_modules/mod_rewrite" - "github.com/baidu/bfe/bfe_modules/mod_static" - "github.com/baidu/bfe/bfe_modules/mod_tag" - "github.com/baidu/bfe/bfe_modules/mod_trace" - "github.com/baidu/bfe/bfe_modules/mod_trust_clientip" - "github.com/baidu/bfe/bfe_modules/mod_userid" + "github.com/bfenetworks/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_modules/mod_access" + "github.com/bfenetworks/bfe/bfe_modules/mod_auth_basic" + "github.com/bfenetworks/bfe/bfe_modules/mod_auth_jwt" + "github.com/bfenetworks/bfe/bfe_modules/mod_auth_request" + "github.com/bfenetworks/bfe/bfe_modules/mod_block" + "github.com/bfenetworks/bfe/bfe_modules/mod_compress" + "github.com/bfenetworks/bfe/bfe_modules/mod_doh" + "github.com/bfenetworks/bfe/bfe_modules/mod_errors" + "github.com/bfenetworks/bfe/bfe_modules/mod_geo" + "github.com/bfenetworks/bfe/bfe_modules/mod_header" + "github.com/bfenetworks/bfe/bfe_modules/mod_http_code" + "github.com/bfenetworks/bfe/bfe_modules/mod_key_log" + "github.com/bfenetworks/bfe/bfe_modules/mod_logid" + "github.com/bfenetworks/bfe/bfe_modules/mod_markdown" + "github.com/bfenetworks/bfe/bfe_modules/mod_prison" + "github.com/bfenetworks/bfe/bfe_modules/mod_redirect" + "github.com/bfenetworks/bfe/bfe_modules/mod_rewrite" + "github.com/bfenetworks/bfe/bfe_modules/mod_secure_link" + "github.com/bfenetworks/bfe/bfe_modules/mod_static" + "github.com/bfenetworks/bfe/bfe_modules/mod_tag" + "github.com/bfenetworks/bfe/bfe_modules/mod_trace" + "github.com/bfenetworks/bfe/bfe_modules/mod_trust_clientip" + "github.com/bfenetworks/bfe/bfe_modules/mod_userid" + "github.com/bfenetworks/bfe/bfe_modules/mod_cors" ) // list of all modules, the order is very important @@ -63,6 +66,9 @@ var moduleList = []bfe_module.BfeModule{ // mod_trace mod_trace.NewModuleTrace(), + // mod_cors + mod_cors.NewModuleCors(), + // mod_block // Requirement: After mod_logid mod_block.NewModuleBlock(), @@ -78,6 +84,9 @@ var moduleList = []bfe_module.BfeModule{ // mod_auth_jwt mod_auth_jwt.NewModuleAuthJWT(), + // mod_secure_link + mod_secure_link.NewModuleSecureLink(), + // mod_doh mod_doh.NewModuleDoh(), @@ -100,6 +109,9 @@ var moduleList = []bfe_module.BfeModule{ // mod_errors mod_errors.NewModuleErrors(), + // mod_markdown + mod_markdown.NewModuleMarkdown(), + // mod_compress mod_compress.NewModuleCompress(), diff --git a/bfe_modules/mod_access/conf_mod_access.go b/bfe_modules/mod_access/conf_mod_access.go index 2505d1cbd..94a8d59dd 100644 --- a/bfe_modules/mod_access/conf_mod_access.go +++ b/bfe_modules/mod_access/conf_mod_access.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -24,7 +24,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_util" + "github.com/bfenetworks/bfe/bfe_util" ) // ConfModAccess holds the config of access module. diff --git a/bfe_modules/mod_access/conf_mod_access_test.go b/bfe_modules/mod_access/conf_mod_access_test.go index a3cea77b1..e183ed9a4 100644 --- a/bfe_modules/mod_access/conf_mod_access_test.go +++ b/bfe_modules/mod_access/conf_mod_access_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_access/log_items.go b/bfe_modules/mod_access/log_items.go index 83000c44f..e88ef4ef3 100644 --- a/bfe_modules/mod_access/log_items.go +++ b/bfe_modules/mod_access/log_items.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_access/mod_access.go b/bfe_modules/mod_access/mod_access.go index c8ce5029f..94df839a1 100644 --- a/bfe_modules/mod_access/mod_access.go +++ b/bfe_modules/mod_access/mod_access.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,10 +20,10 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" - "github.com/baidu/bfe/bfe_util/access_log" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_util/access_log" ) import ( diff --git a/bfe_modules/mod_access/request_log.go b/bfe_modules/mod_access/request_log.go index 43103052e..9a87a23d9 100644 --- a/bfe_modules/mod_access/request_log.go +++ b/bfe_modules/mod_access/request_log.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -23,8 +23,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" ) func onLogFmtAllServeTime(m *ModuleAccess, logItem *LogFmtItem, buff *bytes.Buffer, diff --git a/bfe_modules/mod_access/session_log.go b/bfe_modules/mod_access/session_log.go index fb303f40b..5a2bef6f3 100644 --- a/bfe_modules/mod_access/session_log.go +++ b/bfe_modules/mod_access/session_log.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -22,7 +22,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_basic" ) func onLogFmtSesClientIp(m *ModuleAccess, logItem *LogFmtItem, buff *bytes.Buffer, @@ -65,7 +65,7 @@ func onLogFmtSesErrorCode(m *ModuleAccess, logItem *LogFmtItem, buff *bytes.Buff return errors.New("session is nil") } - errCode, errMsg := session.GetError() + errMsg, errCode := session.GetError() msg := buildErrorMsg(errCode, errMsg) buff.WriteString(msg) diff --git a/bfe_modules/mod_auth_basic/auth_basic_rule_load.go b/bfe_modules/mod_auth_basic/auth_basic_rule_load.go index a4054a1f6..0721984d4 100644 --- a/bfe_modules/mod_auth_basic/auth_basic_rule_load.go +++ b/bfe_modules/mod_auth_basic/auth_basic_rule_load.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -23,7 +23,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic/condition" + "github.com/bfenetworks/bfe/bfe_basic/condition" ) type AuthBasicRuleFile struct { diff --git a/bfe_modules/mod_auth_basic/auth_basic_rule_load_test.go b/bfe_modules/mod_auth_basic/auth_basic_rule_load_test.go index 66077ae29..76a829216 100644 --- a/bfe_modules/mod_auth_basic/auth_basic_rule_load_test.go +++ b/bfe_modules/mod_auth_basic/auth_basic_rule_load_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -18,7 +18,7 @@ import ( "testing" ) -func TestAuthBasicConfLoad_1(t *testing.T) { +func TestAuthBasicConfLoadCorrect(t *testing.T) { auth_basicConf, err := AuthBasicConfLoad("./testdata/mod_auth_basic/auth_basic_rule.data") if err != nil { t.Errorf("AuthBasicConfLoad() error: %v", err) @@ -30,7 +30,7 @@ func TestAuthBasicConfLoad_1(t *testing.T) { } } -func TestAuthBasicConfLoad_2(t *testing.T) { +func TestAuthBasicConfLoadUserFileEmpty(t *testing.T) { _, err := AuthBasicConfLoad("./testdata/mod_auth_basic/auth_basic_rule.data.userfile_empty") if err == nil || err.Error() != "Config: invalid product rules:unittest, "+ "AuthBasicRule: 0, UserFile empty." { diff --git a/bfe_modules/mod_auth_basic/auth_basic_table.go b/bfe_modules/mod_auth_basic/auth_basic_table.go index bafeb7c93..e054568c0 100644 --- a/bfe_modules/mod_auth_basic/auth_basic_table.go +++ b/bfe_modules/mod_auth_basic/auth_basic_table.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_auth_basic/conf_mod_auth_basic.go b/bfe_modules/mod_auth_basic/conf_mod_auth_basic.go index f8bb8fd93..550614165 100644 --- a/bfe_modules/mod_auth_basic/conf_mod_auth_basic.go +++ b/bfe_modules/mod_auth_basic/conf_mod_auth_basic.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_util" + "github.com/bfenetworks/bfe/bfe_util" ) type ConfModAuthBasic struct { diff --git a/bfe_modules/mod_auth_basic/conf_mod_auth_basic_test.go b/bfe_modules/mod_auth_basic/conf_mod_auth_basic_test.go index 708e4b9ac..881165f1a 100644 --- a/bfe_modules/mod_auth_basic/conf_mod_auth_basic_test.go +++ b/bfe_modules/mod_auth_basic/conf_mod_auth_basic_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_auth_basic/mod_auth_basic.go b/bfe_modules/mod_auth_basic/mod_auth_basic.go index c44c67a5c..65d8f866b 100644 --- a/bfe_modules/mod_auth_basic/mod_auth_basic.go +++ b/bfe_modules/mod_auth_basic/mod_auth_basic.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -27,9 +27,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" ) const ( diff --git a/bfe_modules/mod_auth_basic/mod_auth_basic_test.go b/bfe_modules/mod_auth_basic/mod_auth_basic_test.go index bef78e33c..d36047116 100644 --- a/bfe_modules/mod_auth_basic/mod_auth_basic_test.go +++ b/bfe_modules/mod_auth_basic/mod_auth_basic_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -23,9 +23,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" ) func TestAuthStaticFileHandler(t *testing.T) { diff --git a/bfe_modules/mod_auth_jwt/auth_jwt_rule_load.go b/bfe_modules/mod_auth_jwt/auth_jwt_rule_load.go index f861ab7d1..5e50d3352 100644 --- a/bfe_modules/mod_auth_jwt/auth_jwt_rule_load.go +++ b/bfe_modules/mod_auth_jwt/auth_jwt_rule_load.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -27,7 +27,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic/condition" + "github.com/bfenetworks/bfe/bfe_basic/condition" ) type AuthJWTRuleFile struct { diff --git a/bfe_modules/mod_auth_jwt/auth_jwt_rule_load_test.go b/bfe_modules/mod_auth_jwt/auth_jwt_rule_load_test.go index 643cef212..b3eb65dd0 100644 --- a/bfe_modules/mod_auth_jwt/auth_jwt_rule_load_test.go +++ b/bfe_modules/mod_auth_jwt/auth_jwt_rule_load_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_auth_jwt/auth_jwt_table.go b/bfe_modules/mod_auth_jwt/auth_jwt_table.go index f7854918b..079d19bfe 100644 --- a/bfe_modules/mod_auth_jwt/auth_jwt_table.go +++ b/bfe_modules/mod_auth_jwt/auth_jwt_table.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_auth_jwt/conf_mod_auth_jwt.go b/bfe_modules/mod_auth_jwt/conf_mod_auth_jwt.go index 0bea5c899..f29398e20 100644 --- a/bfe_modules/mod_auth_jwt/conf_mod_auth_jwt.go +++ b/bfe_modules/mod_auth_jwt/conf_mod_auth_jwt.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_util" + "github.com/bfenetworks/bfe/bfe_util" ) type ConfModAuthJWT struct { diff --git a/bfe_modules/mod_auth_jwt/conf_mod_auth_jwt_test.go b/bfe_modules/mod_auth_jwt/conf_mod_auth_jwt_test.go index d479781d4..6f9d03cc4 100644 --- a/bfe_modules/mod_auth_jwt/conf_mod_auth_jwt_test.go +++ b/bfe_modules/mod_auth_jwt/conf_mod_auth_jwt_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_auth_jwt/mod_auth_jwt.go b/bfe_modules/mod_auth_jwt/mod_auth_jwt.go index 96bb11e5d..a4fb42008 100644 --- a/bfe_modules/mod_auth_jwt/mod_auth_jwt.go +++ b/bfe_modules/mod_auth_jwt/mod_auth_jwt.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -28,9 +28,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" ) const ( diff --git a/bfe_modules/mod_auth_jwt/mod_auth_jwt_test.go b/bfe_modules/mod_auth_jwt/mod_auth_jwt_test.go index 5932a4b31..27ea25ca4 100644 --- a/bfe_modules/mod_auth_jwt/mod_auth_jwt_test.go +++ b/bfe_modules/mod_auth_jwt/mod_auth_jwt_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -24,9 +24,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" ) func TestAuthJWTFileHandlerRuleNotMatched(t *testing.T) { diff --git a/bfe_modules/mod_auth_request/auth_request_rule_load.go b/bfe_modules/mod_auth_request/auth_request_rule_load.go index 5f1b7e569..f22c6c5c8 100644 --- a/bfe_modules/mod_auth_request/auth_request_rule_load.go +++ b/bfe_modules/mod_auth_request/auth_request_rule_load.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -21,7 +21,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic/condition" + "github.com/bfenetworks/bfe/bfe_basic/condition" ) // rule loaded from file diff --git a/bfe_modules/mod_auth_request/auth_request_rule_load_test.go b/bfe_modules/mod_auth_request/auth_request_rule_load_test.go index a318a6828..bcdea4af6 100644 --- a/bfe_modules/mod_auth_request/auth_request_rule_load_test.go +++ b/bfe_modules/mod_auth_request/auth_request_rule_load_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_auth_request/auth_request_table.go b/bfe_modules/mod_auth_request/auth_request_table.go index fc2f2313c..cd9332584 100644 --- a/bfe_modules/mod_auth_request/auth_request_table.go +++ b/bfe_modules/mod_auth_request/auth_request_table.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,7 +19,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic/condition" + "github.com/bfenetworks/bfe/bfe_basic/condition" ) type AuthRequestRuleTable struct { diff --git a/bfe_modules/mod_auth_request/conf_mod_auth_request.go b/bfe_modules/mod_auth_request/conf_mod_auth_request.go index 72c286da1..5f162836a 100644 --- a/bfe_modules/mod_auth_request/conf_mod_auth_request.go +++ b/bfe_modules/mod_auth_request/conf_mod_auth_request.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -25,7 +25,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_util" + "github.com/bfenetworks/bfe/bfe_util" ) const ( diff --git a/bfe_modules/mod_auth_request/conf_mod_auth_request_test.go b/bfe_modules/mod_auth_request/conf_mod_auth_request_test.go index 7769bf1db..a470f6049 100644 --- a/bfe_modules/mod_auth_request/conf_mod_auth_request_test.go +++ b/bfe_modules/mod_auth_request/conf_mod_auth_request_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_auth_request/mod_auth_request.go b/bfe_modules/mod_auth_request/mod_auth_request.go index 474034104..2ccf933d0 100644 --- a/bfe_modules/mod_auth_request/mod_auth_request.go +++ b/bfe_modules/mod_auth_request/mod_auth_request.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -31,9 +31,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" ) const ( @@ -42,6 +42,9 @@ const ( DelayConterInterval = 60 // interval for moving current to past (in s) DelayCounterBucketSize = 1 // size of delay counter bucket (in ms) DelayCounterBucketNum = 20 // number of delay counter bucket + + XForwardedMethod = "X-Forwarded-Method" + XForwardedURI = "X-Forwarded-Uri" ) var ( @@ -51,11 +54,12 @@ var ( ) type ModuleAuthRequestState struct { - AuthRequestChecked *metrics.Counter - AuthRequestPass *metrics.Counter - AuthRequestForbidden *metrics.Counter - AuthRequestFail *metrics.Counter - AuthRequestUncertain *metrics.Counter + AuthRequestChecked *metrics.Counter + AuthRequestPass *metrics.Counter + AuthRequestForbidden *metrics.Counter + AuthRequestUnauthorized *metrics.Counter + AuthRequestFail *metrics.Counter + AuthRequestUncertain *metrics.Counter } type ModuleAuthRequest struct { @@ -117,19 +121,36 @@ func removeHopHeaders(headers http.Header) { } func (m *ModuleAuthRequest) createAuthRequest(originReq *bfe_basic.Request) *http.Request { - forwardReq, _ := http.NewRequest(http.MethodGet, m.conf.Basic.AuthAddress, nil) + authReq, _ := http.NewRequest(http.MethodGet, m.conf.Basic.AuthAddress, nil) // copy header from origin request header - bfe_http.CopyHeader(bfe_http.Header(forwardReq.Header), originReq.HttpRequest.Header) + bfe_http.CopyHeader(bfe_http.Header(authReq.Header), originReq.HttpRequest.Header) // remove hop headers - removeHopHeaders(forwardReq.Header) + removeHopHeaders(authReq.Header) + + // remove Content-Length header + authReq.Header.Del("Content-Length") + + xMethod := originReq.HttpRequest.Header.Get(XForwardedMethod) + if xMethod != "" { + authReq.Header.Set(XForwardedMethod, xMethod) + } else { + authReq.Header.Set(XForwardedMethod, originReq.HttpRequest.Method) + } + + xUri := originReq.HttpRequest.Header.Get(XForwardedURI) + if xUri != "" { + authReq.Header.Set(XForwardedURI, xUri) + } else { + authReq.Header.Set(XForwardedURI, originReq.HttpRequest.URL.RequestURI()) + } if openDebug { - log.Logger.Info("%s: auth request header: [%v]", m.name, forwardReq.Header) + log.Logger.Info("%s: auth request header: [%v]", m.name, authReq.Header) } - return forwardReq + return authReq } func (m *ModuleAuthRequest) callAuthService(forwardReq *http.Request) (*http.Response, error) { @@ -145,29 +166,37 @@ func (m *ModuleAuthRequest) callAuthService(forwardReq *http.Request) (*http.Res return resp, nil } -func (m *ModuleAuthRequest) checkAuthForbidden(resp *http.Response) bool { - // if the response code is 401 or 403, the access is denied - if resp.StatusCode == bfe_http.StatusUnauthorized || resp.StatusCode == bfe_http.StatusForbidden { +func (m *ModuleAuthRequest) genAuthForbiddenResp(req *bfe_basic.Request, resp *http.Response) *bfe_http.Response { + forbiddenResp := bfe_basic.CreateInternalResp(req, resp.StatusCode) + if resp.StatusCode == bfe_http.StatusUnauthorized { + if wwwAuth := resp.Header.Get("WWW-Authenticate"); len(wwwAuth) > 0 { + forbiddenResp.Header.Set("WWW-Authenticate", wwwAuth) + } + m.state.AuthRequestUnauthorized.Inc(1) + return forbiddenResp + } + + if resp.StatusCode == bfe_http.StatusForbidden { m.state.AuthRequestForbidden.Inc(1) - return true + return forbiddenResp } // if the service response code is 2XX, the access is allowed. if resp.StatusCode/100 == 2 { m.state.AuthRequestPass.Inc(1) - return false + return nil } // if any other response code returned is considered an error m.state.AuthRequestUncertain.Inc(1) if openDebug { - log.Logger.Info("%s: auth response is not expected, resp code[%d]", resp.StatusCode) + log.Logger.Info("%s: auth response is not expected, resp code[%d]", m.name, resp.StatusCode) } - return false + return nil } // forward request to auth server -func (m *ModuleAuthRequest) forwardAuthServer(req *bfe_basic.Request) (bool, int) { +func (m *ModuleAuthRequest) forwardAuthServer(req *bfe_basic.Request) *bfe_http.Response { // create auth request authReq := m.createAuthRequest(req) @@ -175,15 +204,11 @@ func (m *ModuleAuthRequest) forwardAuthServer(req *bfe_basic.Request) (bool, int resp, err := m.callAuthService(authReq) if err != nil { m.state.AuthRequestFail.Inc(1) - return false, 0 + return nil } defer resp.Body.Close() - if m.checkAuthForbidden(resp) { - return true, resp.StatusCode - } - - return false, 0 + return m.genAuthForbiddenResp(req, resp) } func (m *ModuleAuthRequest) authRequestHandler(req *bfe_basic.Request) (int, *bfe_http.Response) { @@ -197,9 +222,9 @@ func (m *ModuleAuthRequest) authRequestHandler(req *bfe_basic.Request) (int, *bf m.state.AuthRequestChecked.Inc(1) // check request is denied - if isDenied, code := m.forwardAuthServer(req); isDenied { + if resp := m.forwardAuthServer(req); resp != nil { req.ErrCode = ErrAuthRequest - return bfe_module.BfeHandlerResponse, bfe_basic.CreateInternalResp(req, code) + return bfe_module.BfeHandlerResponse, resp } } } @@ -247,7 +272,7 @@ func (m *ModuleAuthRequest) init(conf *ConfModAuthRequest, cbs *bfe_module.BfeCa return err } - err = cbs.AddFilter(bfe_module.HandleAfterLocation, m.authRequestHandler) + err = cbs.AddFilter(bfe_module.HandleFoundProduct, m.authRequestHandler) if err != nil { return fmt.Errorf("%s.Init(): AddFilter(m.authRequestHandler): %v", m.name, err) } diff --git a/bfe_modules/mod_auth_request/mod_auth_request_test.go b/bfe_modules/mod_auth_request/mod_auth_request_test.go index 1fc2375e1..61ae03b0b 100644 --- a/bfe_modules/mod_auth_request/mod_auth_request_test.go +++ b/bfe_modules/mod_auth_request/mod_auth_request_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -26,9 +26,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" ) const ( @@ -99,26 +99,41 @@ func TestCreateAuthRequest(t *testing.T) { if authReq.Header.Get(testCopyHeader) != testCopyHeaderValue { t.Fatalf("auth request should not have header :%s", testCopyHeaderValue) } + + if authReq.Header.Get(XForwardedMethod) != http.MethodGet { + t.Fatalf("%s should be %s, but it's %s", XForwardedMethod, http.MethodGet, authReq.Header.Get(XForwardedMethod)) + } + + if authReq.Header.Get(XForwardedURI) != "/" { + t.Fatalf("%s should be %s, but it's %s", XForwardedURI, "/", authReq.Header.Get(XForwardedURI)) + } } func TestCheckAuthForbidden(t *testing.T) { m := NewModuleAuthRequest() + req, _ := bfe_http.NewRequest(http.MethodGet, "http://exapmle.org", nil) + basicReq := bfe_basic.NewRequest(req, nil, nil, nil, nil) resp := new(http.Response) + resp.Header = make(http.Header) - resp.StatusCode = 401 - if !m.checkAuthForbidden(resp) { - t.Fatalf("checkAuthForbidden should true") + resp.StatusCode = http.StatusUnauthorized + var forbiddenResp *bfe_http.Response + if forbiddenResp = m.genAuthForbiddenResp(basicReq, resp); forbiddenResp == nil { + t.Fatalf("forbiddenResp should be nil") + } + if forbiddenResp.StatusCode != http.StatusUnauthorized { + t.Fatalf("status_code should be %d, but it's %d", http.StatusUnauthorized, forbiddenResp.StatusCode) } resp.StatusCode = http.StatusCreated - if m.checkAuthForbidden(resp) { - t.Fatalf("checkAuthForbidden should false") + if forbiddenResp = m.genAuthForbiddenResp(basicReq, resp); forbiddenResp != nil { + t.Fatalf("forbasicResp should be nil") } resp.StatusCode = http.StatusMovedPermanently - if m.checkAuthForbidden(resp) { - t.Fatalf("checkAuthForbidden should false") + if forbiddenResp = m.genAuthForbiddenResp(basicReq, resp); forbiddenResp != nil { + t.Fatalf("checkAuthForbidden should nil") } } @@ -132,6 +147,7 @@ func TestAuthRequestHandler(t *testing.T) { } ts := httptest.NewServer(http.HandlerFunc(func(writer http.ResponseWriter, request *http.Request) { + writer.Header().Set("WWW-Authenticate", "Basic realm=testforbfe") writer.WriteHeader(http.StatusUnauthorized) })) defer ts.Close() @@ -156,4 +172,9 @@ func TestAuthRequestHandler(t *testing.T) { if resp.StatusCode != http.StatusUnauthorized { t.Fatalf("resp code should be %d, but it's %d", http.StatusUnauthorized, resp.StatusCode) } + + wwwAuth := resp.Header.Get("WWW-Authenticate") + if resp.Header.Get("WWW-Authenticate") != "Basic realm=testforbfe" { + t.Fatalf("resp header[WWW-Authenticate] should be Basic realm=testforbfe, but it's %s", wwwAuth) + } } diff --git a/bfe_modules/mod_block/action.go b/bfe_modules/mod_block/action.go index 4272a7db7..3ebe0dc50 100644 --- a/bfe_modules/mod_block/action.go +++ b/bfe_modules/mod_block/action.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_block/conf_mod_block.go b/bfe_modules/mod_block/conf_mod_block.go index fa83b05f4..1eef37117 100644 --- a/bfe_modules/mod_block/conf_mod_block.go +++ b/bfe_modules/mod_block/conf_mod_block.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,13 +20,13 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_util" + "github.com/bfenetworks/bfe/bfe_util" ) type ConfModBlock struct { Basic struct { ProductRulePath string // path of product block rule data - IPBlacklistPath string // path of ip blacklist data + IPBlocklistPath string // path of ip blocklist data } Log struct { @@ -65,11 +65,11 @@ func ConfModBlockCheck(cfg *ConfModBlock, confRoot string) error { } cfg.Basic.ProductRulePath = bfe_util.ConfPathProc(cfg.Basic.ProductRulePath, confRoot) - if cfg.Basic.IPBlacklistPath == "" { - log.Logger.Warn("ModBlock.IPBlacklistPath not set, use default value") - cfg.Basic.IPBlacklistPath = "mod_block/ip_blacklist.data" + if cfg.Basic.IPBlocklistPath == "" { + log.Logger.Warn("ModBlock.IPBlocklistPath not set, use default value") + cfg.Basic.IPBlocklistPath = "mod_block/ip_blocklist.data" } - cfg.Basic.IPBlacklistPath = bfe_util.ConfPathProc(cfg.Basic.IPBlacklistPath, confRoot) + cfg.Basic.IPBlocklistPath = bfe_util.ConfPathProc(cfg.Basic.IPBlocklistPath, confRoot) return nil } diff --git a/bfe_modules/mod_block/conf_mod_block_test.go b/bfe_modules/mod_block/conf_mod_block_test.go index b4b22ad5b..9e74e72c2 100644 --- a/bfe_modules/mod_block/conf_mod_block_test.go +++ b/bfe_modules/mod_block/conf_mod_block_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -30,8 +30,8 @@ func Test_conf_mod_block_case1(t *testing.T) { if config.Basic.ProductRulePath != "/home/bfe/conf/rule.data" { t.Error("ProductRulePath should be /home/bfe/conf/rule.data") } - if config.Basic.IPBlacklistPath != "/home/bfe/conf/ip.data" { - t.Error("IPBlacklistPath should be /home/bfe/conf/ip.data") + if config.Basic.IPBlocklistPath != "/home/bfe/conf/ip.data" { + t.Error("IPBlocklistPath should be /home/bfe/conf/ip.data") } } @@ -44,7 +44,7 @@ func Test_conf_mod_block_case2(t *testing.T) { if config.Basic.ProductRulePath != "mod_block/block_rules.data" { t.Error("ProductRulePath should be mod_block/block_rules.data") } - if config.Basic.IPBlacklistPath != "mod_block/ip_blacklist.data" { - t.Error("IPBlacklistPath should be mod_block/ip_blacklist.data") + if config.Basic.IPBlocklistPath != "mod_block/ip_blocklist.data" { + t.Error("IPBlocklistPath should be mod_block/ip_blocklist.data") } } diff --git a/bfe_modules/mod_block/global_ip_table_load.go b/bfe_modules/mod_block/global_ip_table_load.go index ba293cb84..766779891 100644 --- a/bfe_modules/mod_block/global_ip_table_load.go +++ b/bfe_modules/mod_block/global_ip_table_load.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,8 +19,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_util/ipdict" - "github.com/baidu/bfe/bfe_util/ipdict/txt_load" + "github.com/bfenetworks/bfe/bfe_util/ipdict" + "github.com/bfenetworks/bfe/bfe_util/ipdict/txt_load" ) // GlobalIPTableLoad loads global ip table. diff --git a/bfe_modules/mod_block/mod_block.go b/bfe_modules/mod_block/mod_block.go index 9507e7ba3..a8d46128b 100644 --- a/bfe_modules/mod_block/mod_block.go +++ b/bfe_modules/mod_block/mod_block.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -27,10 +27,10 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" - "github.com/baidu/bfe/bfe_util/ipdict" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_util/ipdict" ) const ( @@ -39,7 +39,7 @@ const ( ) var ( - ERR_BLACKLIST = errors.New("BLACKLIST") + ErrBlock = errors.New("BLOCK") ) var ( @@ -67,10 +67,10 @@ type ModuleBlock struct { metrics metrics.Metrics productRulePath string // path of block rule data file - ipBlacklistPath string // path of ip blacklist data file + ipBlocklistPath string // path of ip blocklist data file ruleTable *ProductRuleTable // table for product block rules - ipTable *ipdict.IPTable // table for global ip blacklist + ipTable *ipdict.IPTable // table for global ip blocklist } func NewModuleBlock() *ModuleBlock { @@ -88,13 +88,13 @@ func (m *ModuleBlock) Name() string { return m.name } -// loadGlobalIPTable loads global ip blacklist. +// loadGlobalIPTable loads global ip blocklist. func (m *ModuleBlock) loadGlobalIPTable(query url.Values) error { // get reload file path path := query.Get("path") if path == "" { // use default - path = m.ipBlacklistPath + path = m.ipBlocklistPath } // load data @@ -136,7 +136,7 @@ func (m *ModuleBlock) globalBlockHandler(session *bfe_basic.Session) int { clientIP := session.RemoteAddr.IP if m.ipTable.Search(clientIP) { - session.SetError(ERR_BLACKLIST, "connection blocked") + session.SetError(ErrBlock, "connection blocked") log.Logger.Debug("%s refuse connection (remote: %v)", m.name, session.RemoteAddr) m.state.ConnRefuse.Inc(1) @@ -188,7 +188,7 @@ func (m *ModuleBlock) productRulesProcess(req *bfe_basic.Request, rules *blockRu switch rule.Action.Cmd { case "CLOSE": - req.ErrCode = ERR_BLACKLIST + req.ErrCode = ErrBlock log.Logger.Debug("%s block connection (rule:%v, remote:%s)", m.name, rule, req.RemoteAddr) m.state.ReqRefuse.Inc(1) @@ -248,7 +248,7 @@ func (m *ModuleBlock) Init(cbs *bfe_module.BfeCallbacks, whs *web_monitor.WebHan } m.productRulePath = conf.Basic.ProductRulePath - m.ipBlacklistPath = conf.Basic.IPBlacklistPath + m.ipBlocklistPath = conf.Basic.IPBlocklistPath openDebug = conf.Log.OpenDebug // load conf data diff --git a/bfe_modules/mod_block/mod_block_test.go b/bfe_modules/mod_block/mod_block_test.go index ba8149450..029bef2be 100644 --- a/bfe_modules/mod_block/mod_block_test.go +++ b/bfe_modules/mod_block/mod_block_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -25,9 +25,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" ) func prepareModule() *ModuleBlock { diff --git a/bfe_modules/mod_block/product_rule_load.go b/bfe_modules/mod_block/product_rule_load.go index f0e56dbd8..f1b35a4e1 100644 --- a/bfe_modules/mod_block/product_rule_load.go +++ b/bfe_modules/mod_block/product_rule_load.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -22,7 +22,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic/condition" + "github.com/bfenetworks/bfe/bfe_basic/condition" ) type blockRuleFile struct { @@ -165,10 +165,10 @@ func ProductRuleConfLoad(filename string) (productRuleConf, error) { // open the file file, err := os.Open(filename) - defer file.Close() if err != nil { return conf, err } + defer file.Close() // decode the file decoder := json.NewDecoder(file) diff --git a/bfe_modules/mod_block/product_rule_load_test.go b/bfe_modules/mod_block/product_rule_load_test.go index 4c4680d07..c906f936b 100644 --- a/bfe_modules/mod_block/product_rule_load_test.go +++ b/bfe_modules/mod_block/product_rule_load_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_block/product_rule_table.go b/bfe_modules/mod_block/product_rule_table.go index 67767d757..bb980d236 100644 --- a/bfe_modules/mod_block/product_rule_table.go +++ b/bfe_modules/mod_block/product_rule_table.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_block/testdata/conf_mod_block/bfe_1.conf b/bfe_modules/mod_block/testdata/conf_mod_block/bfe_1.conf index 2a98e559d..258c57c2b 100644 --- a/bfe_modules/mod_block/testdata/conf_mod_block/bfe_1.conf +++ b/bfe_modules/mod_block/testdata/conf_mod_block/bfe_1.conf @@ -1,7 +1,7 @@ [basic] # rule config file path ProductRulePath = /home/bfe/conf/rule.data -IPBlacklistPath = /home/bfe/conf/ip.data +IPBlocklistPath = /home/bfe/conf/ip.data [log] OpenDebug = true diff --git a/bfe_modules/mod_block/testdata/mod_block/ip_blacklist.data b/bfe_modules/mod_block/testdata/mod_block/ip_blocklist.data similarity index 77% rename from bfe_modules/mod_block/testdata/mod_block/ip_blacklist.data rename to bfe_modules/mod_block/testdata/mod_block/ip_blocklist.data index e8120e114..5453203df 100644 --- a/bfe_modules/mod_block/testdata/mod_block/ip_blacklist.data +++ b/bfe_modules/mod_block/testdata/mod_block/ip_blocklist.data @@ -1,5 +1,5 @@ # {"version": "1234", "pairIPNum":1, "singleIPNum":2} -# global ip blacklist +# global ip blocklist 10.1.1.0 10.1.1.254 192.168.1.100 diff --git a/bfe_modules/mod_block/testdata/mod_block/mod_block.conf b/bfe_modules/mod_block/testdata/mod_block/mod_block.conf index 90ea5efc8..ba0445e1d 100644 --- a/bfe_modules/mod_block/testdata/mod_block/mod_block.conf +++ b/bfe_modules/mod_block/testdata/mod_block/mod_block.conf @@ -1,7 +1,7 @@ [basic] # rule config file path ProductRulePath = mod_block/block_rules.data -IPBlacklistPath = mod_block/ip_blacklist.data +IPBlocklistPath = mod_block/ip_blocklist.data [log] OpenDebug = true diff --git a/bfe_modules/mod_compress/action.go b/bfe_modules/mod_compress/action.go index b67a966fc..e9913799f 100644 --- a/bfe_modules/mod_compress/action.go +++ b/bfe_modules/mod_compress/action.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_compress/brotli_filter.go b/bfe_modules/mod_compress/brotli_filter.go index 499cb0f5f..042025c12 100644 --- a/bfe_modules/mod_compress/brotli_filter.go +++ b/bfe_modules/mod_compress/brotli_filter.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_compress/brotli_filter_test.go b/bfe_modules/mod_compress/brotli_filter_test.go index c683dc997..fadcadba5 100644 --- a/bfe_modules/mod_compress/brotli_filter_test.go +++ b/bfe_modules/mod_compress/brotli_filter_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_compress/compress_rule_load.go b/bfe_modules/mod_compress/compress_rule_load.go index 1ba05994c..c371667e6 100644 --- a/bfe_modules/mod_compress/compress_rule_load.go +++ b/bfe_modules/mod_compress/compress_rule_load.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -22,7 +22,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic/condition" + "github.com/bfenetworks/bfe/bfe_basic/condition" ) type compressRuleFile struct { diff --git a/bfe_modules/mod_compress/compress_rule_load_test.go b/bfe_modules/mod_compress/compress_rule_load_test.go index 45fb1eef9..a51d57a21 100644 --- a/bfe_modules/mod_compress/compress_rule_load_test.go +++ b/bfe_modules/mod_compress/compress_rule_load_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_compress/compress_rule_table.go b/bfe_modules/mod_compress/compress_rule_table.go index 8f40b479d..2c8bad9f3 100644 --- a/bfe_modules/mod_compress/compress_rule_table.go +++ b/bfe_modules/mod_compress/compress_rule_table.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_compress/conf_mod_compress.go b/bfe_modules/mod_compress/conf_mod_compress.go index 236f2fc23..600569d35 100644 --- a/bfe_modules/mod_compress/conf_mod_compress.go +++ b/bfe_modules/mod_compress/conf_mod_compress.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_util" + "github.com/bfenetworks/bfe/bfe_util" ) type ConfModCompress struct { diff --git a/bfe_modules/mod_compress/conf_mod_compress_test.go b/bfe_modules/mod_compress/conf_mod_compress_test.go index 94a5fc62b..9abb7496a 100644 --- a/bfe_modules/mod_compress/conf_mod_compress_test.go +++ b/bfe_modules/mod_compress/conf_mod_compress_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_compress/gzip_filter.go b/bfe_modules/mod_compress/gzip_filter.go index 17e78dd62..d32352391 100644 --- a/bfe_modules/mod_compress/gzip_filter.go +++ b/bfe_modules/mod_compress/gzip_filter.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_compress/gzip_filter_test.go b/bfe_modules/mod_compress/gzip_filter_test.go index b8e100be0..9878a5aa9 100644 --- a/bfe_modules/mod_compress/gzip_filter_test.go +++ b/bfe_modules/mod_compress/gzip_filter_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_compress/mod_compress.go b/bfe_modules/mod_compress/mod_compress.go index 5ec3f9515..ab9cadfc8 100644 --- a/bfe_modules/mod_compress/mod_compress.go +++ b/bfe_modules/mod_compress/mod_compress.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -27,9 +27,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" ) const ( diff --git a/bfe_modules/mod_compress/mod_compress_test.go b/bfe_modules/mod_compress/mod_compress_test.go index b52d93618..dddcb0b1a 100644 --- a/bfe_modules/mod_compress/mod_compress_test.go +++ b/bfe_modules/mod_compress/mod_compress_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -25,9 +25,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" ) func prepareModule() *ModuleCompress { diff --git a/bfe_modules/mod_cors/conf_mod_cors.go b/bfe_modules/mod_cors/conf_mod_cors.go new file mode 100644 index 000000000..c58c3fb75 --- /dev/null +++ b/bfe_modules/mod_cors/conf_mod_cors.go @@ -0,0 +1,68 @@ +// Copyright (c) 2019 The BFE Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package mod_cors + +import ( + "gopkg.in/gcfg.v1" +) + +import ( + "github.com/baidu/go-lib/log" +) + +import ( + "github.com/bfenetworks/bfe/bfe_util" +) + +const ( + defaultDataPath = "mod_cors/cors_rule.data" +) + +type ConfModCors struct { + Basic struct { + DataPath string // path of rule data + } + + Log struct { + OpenDebug bool + } +} + +func ConfLoad(filePath string, confRoot string) (*ConfModCors, error) { + var err error + var cfg ConfModCors + + err = gcfg.ReadFileInto(&cfg, filePath) + if err != nil { + return nil, err + } + + err = cfg.Check(confRoot) + if err != nil { + return nil, err + } + + return &cfg, nil +} + +func (cfg *ConfModCors) Check(confRoot string) error { + if len(cfg.Basic.DataPath) == 0 { + cfg.Basic.DataPath = defaultDataPath + log.Logger.Warn("ModCors.DataPath not set, use default value: %s", defaultDataPath) + } + + cfg.Basic.DataPath = bfe_util.ConfPathProc(cfg.Basic.DataPath, confRoot) + return nil +} diff --git a/bfe_modules/mod_cors/conf_mod_cors_test.go b/bfe_modules/mod_cors/conf_mod_cors_test.go new file mode 100644 index 000000000..ec50c688e --- /dev/null +++ b/bfe_modules/mod_cors/conf_mod_cors_test.go @@ -0,0 +1,35 @@ +// Copyright (c) 2019 The BFE Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package mod_cors + +import ( + "testing" +) + +func TestConfLoadCase1(t *testing.T) { + cfg, err := ConfLoad("testdata/mod_cors/mod_cors.conf", "testdata") + if err != nil { + t.Fatalf("shoule have no error, but error is %v", err) + } + + expectDataPath := "testdata/mod_cors/cors_rule.data" + if cfg.Basic.DataPath != expectDataPath { + t.Fatalf("cfg.Basic.DataPath shoule %s, but it's %s", expectDataPath, cfg.Basic.DataPath) + } + + if cfg.Log.OpenDebug != false { + t.Fatalf("cfg.Log.OpenDebug should be false") + } +} diff --git a/bfe_modules/mod_cors/cors_rule_load.go b/bfe_modules/mod_cors/cors_rule_load.go new file mode 100644 index 000000000..83bd3d976 --- /dev/null +++ b/bfe_modules/mod_cors/cors_rule_load.go @@ -0,0 +1,258 @@ +// Copyright (c) 2019 The BFE Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package mod_cors + +import ( + "encoding/json" + "fmt" + "net/http" + "os" + "strings" +) + +import ( + "github.com/bfenetworks/bfe/bfe_basic/condition" +) + +type CorsRuleFile struct { + Version string + Config ProductRuleRawList // product -> raw rule list +} + +type CorsRuleConf struct { + Version string + Config ProductRuleList // product -> rule list +} + +type CorsRuleRaw struct { + Cond string // condition + + // AccessControlAllowOrigins specifies either a single origin, which tells browsers to + // allow that origin to access the resource; or else — for requests without credentials — + // the "*" wildcard, to tell browsers to allow any origin to access the resource + AccessControlAllowOrigins []string + + // AccessControlAllowCredentials Indicates whether or not the response to the request can be exposed + // when the credentials flag is true. + AccessControlAllowCredentials bool + + // AccessControlExposeHeaders lets a server whitelist headers that browsers are allowed to access. + AccessControlExposeHeaders []string + + // AccessControlAllowMethods specifies the method or methods allowed when accessing the resource. + // This is used in response to a preflight request. + AccessControlAllowMethods []string + + // AccessControlAllowHeaders indicates which HTTP headers can be used when making the actual request. + // This is used in response to a preflight request + AccessControlAllowHeaders []string + + // AccessControlMaxAge indicates how long the results of a preflight request can be cached. + AccessControlMaxAge *int +} + +type ProductRuleRawList map[string]RuleRawList // product => raw rule list +type RuleRawList []CorsRuleRaw + +var ( + supportedMethod = map[string]bool{ + http.MethodGet: true, + http.MethodHead: true, + http.MethodPost: true, + http.MethodPut: true, + http.MethodDelete: true, + http.MethodConnect: true, + http.MethodOptions: true, + http.MethodTrace: true, + http.MethodPatch: true, + } +) + +func CorsRuleCheck(corsRuleFile *CorsRuleFile) error { + if corsRuleFile == nil { + return fmt.Errorf("corsRuleFile is nil") + } + + if len(corsRuleFile.Version) == 0 { + return fmt.Errorf("no Version") + } + + if corsRuleFile.Config == nil { + return fmt.Errorf("no Config") + } + + return nil +} + +func ruleConvert(rawRule CorsRuleRaw) (*CorsRule, error) { + cond, err := condition.Build(rawRule.Cond) + if err != nil { + return nil, err + } + + var rule CorsRule + rule.Cond = cond + + if len(rawRule.AccessControlAllowOrigins) == 0 { + return nil, fmt.Errorf("AccessControlAllowOrigins not set") + } + + rule.AccessControlAllowOriginMap = make(map[string]bool) + + // : Specifies the list of supported origin + // * (wildcard): For requests without credentials, the literal value "*" can be specified, as a wildcard; + // the value tells browsers to allow requesting code from any origin to access the resource. + // Attempting to use the wildcard with credentials will result in an error. + // null: Specifies the origin "null". + // %origin: Specifies the orign from the request header "Origin" + for _, allowOrigin := range rawRule.AccessControlAllowOrigins { + if strings.HasPrefix(allowOrigin, "%") && allowOrigin != "%origin" { + return nil, fmt.Errorf("AccessControlAllowOrigins %s is not supported", allowOrigin) + } + + if strings.Contains(allowOrigin, "*") && len(allowOrigin) != 1 { + return nil, fmt.Errorf("AccessControlAllowOrigins %s is not supported", allowOrigin) + } + + if allowOrigin == "*" && rawRule.AccessControlAllowCredentials { + return nil, fmt.Errorf("AccessControlAllowCredentials can not be ture when AccessControlAllowOrigins is *") + } + + if (allowOrigin == "null" || allowOrigin == "*") && len(rawRule.AccessControlAllowOrigins) != 1 { + return nil, fmt.Errorf("AccessControlAllowOrigins can only contain one element when AccessControlAllowOrigins is null or *") + } + + rule.AccessControlAllowOriginMap[allowOrigin] = true + } + + // : The name of a supported request header. The header may list any number of headers + // * (wildcard): The value "*" only counts as a special wildcard value for requests without credentials + // (requests without HTTP cookies or HTTP authentication information). + // In requests with credentials, it is treated as the literal header name "*" without special semantics. + // Note that the Authorization header can't be wildcarded and always needs to be listed explicitly. + for _, allowHeader := range rawRule.AccessControlAllowHeaders { + if strings.Contains(allowHeader, "*") && len(allowHeader) != 1 { + return nil, fmt.Errorf("AccessControlAllowHeaders %s is not supported", allowHeader) + } + + if allowHeader == "*" && len(rawRule.AccessControlAllowHeaders) != 1 { + return nil, fmt.Errorf("AccessControlAllowHeaders can only contain one element when AccessControlAllowHeaders is *") + } + } + rule.AccessControlAllowHeaders = rawRule.AccessControlAllowHeaders + + // : A list of exposed headers consisting of zero or more header names other than the CORS-safelisted request headers + // that the resource might use and can be exposed. + // * (wildcard): The value "*" only counts as a special wildcard value for requests without credentials + // (requests without HTTP cookies or HTTP authentication information). + // In requests with credentials, it is treated as the literal header name "*" without special semantics. + // Note that the Authorization header can't be wildcarded and always needs to be listed explicitly. + for _, exposeHeader := range rawRule.AccessControlExposeHeaders { + if strings.Contains(exposeHeader, "*") && len(exposeHeader) != 1 { + return nil, fmt.Errorf("AccessControlExposeHeaders %s is not supported", exposeHeader) + } + + if exposeHeader == "*" && len(rawRule.AccessControlExposeHeaders) != 1 { + return nil, fmt.Errorf("AccessControlExposeHeaders can only contain one element when AccessControlExposeHeaders is *") + } + } + rule.AccessControlExposeHeaders = rawRule.AccessControlExposeHeaders + + // : list of the allowed HTTP request methods. + // * (wildcard): The value "*" only counts as a special wildcard value for requests without + // credentials (requests without HTTP cookies or HTTP authentication information). + // In requests with credentials, it is treated as the literal method name "*" without special semantics. + for _, allowMethod := range rawRule.AccessControlAllowMethods { + if strings.Contains(allowMethod, "*") && len(allowMethod) != 1 { + return nil, fmt.Errorf("AccessControlAllowMethods %s is not supported", allowMethod) + } + + if allowMethod == "*" && len(rawRule.AccessControlAllowMethods) != 1 { + return nil, fmt.Errorf("AccessControlAllowMethods can only contain one element when AccessControlAllowMethods is *") + } + + if allowMethod != "*" { + if _, ok := supportedMethod[allowMethod]; !ok { + return nil, fmt.Errorf("AccessControlAllowMethods %s is not supported", allowMethod) + } + } + } + rule.AccessControlAllowMethods = rawRule.AccessControlAllowMethods + + // Maximum number of seconds the results can be cached. + // Firefox caps this at 24 hours (86400 seconds). + // Chromium (prior to v76) caps at 10 minutes (600 seconds). + // Chromium (starting in v76) caps at 2 hours (7200 seconds). + // Chromium also specifies a default value of 5 seconds. + // A value of -1 will disable caching, requiring a preflight OPTIONS check for all calls. + if rawRule.AccessControlMaxAge != nil { + if *rawRule.AccessControlMaxAge < -1 || *rawRule.AccessControlMaxAge > 86400 { + return nil, fmt.Errorf("AccessControlMaxAge must be in [-1, 86400]") + } + rule.AccessControlMaxAge = rawRule.AccessControlMaxAge + } + + rule.AccessControlAllowCredentials = rawRule.AccessControlAllowCredentials + return &rule, nil +} + +func ruleListConvert(rawRuleList RuleRawList) (CorsRuleList, error) { + ruleList := CorsRuleList{} + for i, rawRule := range rawRuleList { + rule, err := ruleConvert(rawRule) + if err != nil { + return nil, fmt.Errorf("rule [%d] error: %v", i, err) + } + + ruleList = append(ruleList, *rule) + } + + return ruleList, nil +} + +func CorsRuleFileLoad(filename string) (*CorsRuleConf, error) { + var corsRuleFile CorsRuleFile + var corsRuleConf CorsRuleConf + + file, err := os.Open(filename) + if err != nil { + return nil, err + } + defer file.Close() + + decoder := json.NewDecoder(file) + err = decoder.Decode(&corsRuleFile) + if err != nil { + return nil, err + } + + err = CorsRuleCheck(&corsRuleFile) + if err != nil { + return nil, err + } + + corsRuleConf.Version = corsRuleFile.Version + corsRuleConf.Config = make(ProductRuleList) + + for product, ruleFileList := range corsRuleFile.Config { + ruleList, err := ruleListConvert(ruleFileList) + if err != nil { + return nil, fmt.Errorf("product[%s] rule error: %v", product, err) + } + corsRuleConf.Config[product] = ruleList + } + + return &corsRuleConf, nil +} diff --git a/bfe_modules/mod_cors/cors_rule_load_test.go b/bfe_modules/mod_cors/cors_rule_load_test.go new file mode 100644 index 000000000..f0f61cbd8 --- /dev/null +++ b/bfe_modules/mod_cors/cors_rule_load_test.go @@ -0,0 +1,281 @@ +// Copyright (c) 2019 The BFE Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package mod_cors + +import ( + "strings" + "testing" +) + +// normal case +func TestCorsRuleFileLoad(t *testing.T) { + corsRuleConf, err := CorsRuleFileLoad("testdata/mod_cors/cors_rule.data") + if err != nil { + t.Fatalf("should have no error, but error is %v", err) + } + + expectVersion := "20200508210000" + if corsRuleConf.Version != expectVersion { + t.Fatalf("Version should be %s, but it's %s", expectVersion, corsRuleConf.Version) + } + + if corsRuleConf.Config == nil { + t.Fatalf("Config should not be nil") + } + + ruleList, ok := corsRuleConf.Config[expectProduct] + if !ok { + t.Fatalf("config should have product: %s", expectProduct) + } + + if len(ruleList) != 1 { + t.Fatalf("len(ruleList) should be 1, but it's %d", len(ruleList)) + } +} + +// rule file no version +func TestCorsRuleFileLoadCaseNoVersion(t *testing.T) { + _, err := CorsRuleFileLoad("testdata/mod_cors/cors_rule_no_version.data") + if err == nil { + t.Fatalf("should have error") + } + + if !strings.Contains(err.Error(), "no Version") { + t.Fatalf("error message is not expected: %v", err) + } +} + +// rule file no config +func TestCorsRuleFileLoadCaseNoConfig(t *testing.T) { + _, err := CorsRuleFileLoad("testdata/mod_cors/cors_rule_no_config.data") + if err == nil { + t.Fatalf("should have error") + } + + if !strings.Contains(err.Error(), "no Config") { + t.Fatalf("error message is not expected: %v", err) + } +} + +// wrong cond +func TestRuleConvertWrongCond(t *testing.T) { + rawRule := CorsRuleRaw{ + Cond: "wrong cond", + } + + _, err := ruleConvert(rawRule) + if err == nil { + t.Fatalf("should have error") + } +} + +// wrong origin variable for AccessControlAllowOrigins +func TestRuleConvertWrongOriginVariable(t *testing.T) { + rawRule := CorsRuleRaw{ + Cond: "default_t()", + AccessControlAllowOrigins: []string{"%wrongorgin"}, + } + + _, err := ruleConvert(rawRule) + if err == nil { + t.Fatalf("should have error") + } + + if !strings.Contains(err.Error(), "AccessControlAllowOrigins %wrongorgin is not supported") { + t.Fatalf("error is not expected, %v", err) + } +} + +// wrong Wildcard for AccessControlAllowOrigins +func TestRuleConvertOriginWrongWildcard(t *testing.T) { + rawRule := CorsRuleRaw{ + Cond: "default_t()", + AccessControlAllowOrigins: []string{"*wrongwildcard"}, + } + + _, err := ruleConvert(rawRule) + if err == nil { + t.Fatalf("should have error") + } + + if !strings.Contains(err.Error(), "AccessControlAllowOrigins *wrongwildcard is not supported") { + t.Fatalf("error is not expected, %v", err) + } +} + +// wrong credentials for AccessControlAllowOrigins +func TestRuleConvertWrongCredentials(t *testing.T) { + rawRule := CorsRuleRaw{ + Cond: "default_t()", + AccessControlAllowOrigins: []string{"*"}, + AccessControlAllowCredentials: true, + } + + _, err := ruleConvert(rawRule) + if err == nil { + t.Fatalf("should have error") + } + + if !strings.Contains(err.Error(), "AccessControlAllowCredentials can not be ture when AccessControlAllowOrigins is *") { + t.Fatalf("error is not expected, %v", err) + } +} + +// wrong credentials for AccessControlAllowOrigins +func TestRuleConvertOriginWrongElementNum(t *testing.T) { + rawRule := CorsRuleRaw{ + Cond: "default_t()", + AccessControlAllowOrigins: []string{"null", "http://example.org"}, + } + + _, err := ruleConvert(rawRule) + if err == nil { + t.Fatalf("should have error") + } + + if !strings.Contains(err.Error(), "AccessControlAllowOrigins can only contain one element when AccessControlAllowOrigins is null or *") { + t.Fatalf("error is not expected, %v", err) + } + + rawRule.AccessControlAllowOrigins = []string{"*", "http://example.org"} + _, err = ruleConvert(rawRule) + if err == nil { + t.Fatalf("should have error") + } + + if !strings.Contains(err.Error(), "AccessControlAllowOrigins can only contain one element when AccessControlAllowOrigins is null or *") { + t.Fatalf("error is not expected, %v", err) + } +} + +func TestRuleConvertAllowHeaderWrongWildcard(t *testing.T) { + rawRule := CorsRuleRaw{ + Cond: "default_t()", + AccessControlAllowOrigins: []string{"*"}, + AccessControlAllowHeaders: []string{"*wrongheader"}, + } + + _, err := ruleConvert(rawRule) + if err == nil { + t.Fatalf("should have error") + } + + if !strings.Contains(err.Error(), "AccessControlAllowHeaders *wrongheader is not supported") { + t.Fatalf("error is not expected, %v", err) + } +} + +func TestRuleConvertAllowHeaderWrongElementNum(t *testing.T) { + rawRule := CorsRuleRaw{ + Cond: "default_t()", + AccessControlAllowOrigins: []string{"*"}, + AccessControlAllowHeaders: []string{"*", "X-Bfe-Test"}, + } + + _, err := ruleConvert(rawRule) + if err == nil { + t.Fatalf("should have error") + } + + if !strings.Contains(err.Error(), "AccessControlAllowHeaders can only contain one element when AccessControlAllowHeaders is *") { + t.Fatalf("error is not expected, %v", err) + } +} + +func TestRuleConvertExposeHeaderWrongWildcard(t *testing.T) { + rawRule := CorsRuleRaw{ + Cond: "default_t()", + AccessControlAllowOrigins: []string{"*"}, + AccessControlExposeHeaders: []string{"*wrongheader"}, + } + + _, err := ruleConvert(rawRule) + if err == nil { + t.Fatalf("should have error") + } + + if !strings.Contains(err.Error(), "AccessControlExposeHeaders *wrongheader is not supported") { + t.Fatalf("error is not expected, %v", err) + } +} + +func TestRuleConvertExposeHeaderWrongElementNum(t *testing.T) { + rawRule := CorsRuleRaw{ + Cond: "default_t()", + AccessControlAllowOrigins: []string{"*"}, + AccessControlExposeHeaders: []string{"*", "X-Bfe-Test"}, + } + + _, err := ruleConvert(rawRule) + if err == nil { + t.Fatalf("should have error") + } + + if !strings.Contains(err.Error(), "AccessControlExposeHeaders can only contain one element when AccessControlExposeHeaders is *") { + t.Fatalf("error is not expected, %v", err) + } +} + +func TestRuleConvertAllowMethodWrongWildcard(t *testing.T) { + rawRule := CorsRuleRaw{ + Cond: "default_t()", + AccessControlAllowOrigins: []string{"*"}, + AccessControlAllowMethods: []string{"*wrongmethod"}, + } + + _, err := ruleConvert(rawRule) + if err == nil { + t.Fatalf("should have error") + } + + if !strings.Contains(err.Error(), "AccessControlAllowMethods *wrongmethod is not supported") { + t.Fatalf("error is not expected, %v", err) + } +} + +func TestRuleConvertAllowMethodWrongElementNum(t *testing.T) { + rawRule := CorsRuleRaw{ + Cond: "default_t()", + AccessControlAllowOrigins: []string{"*"}, + AccessControlAllowMethods: []string{"*", "X-Bfe-Test"}, + } + + _, err := ruleConvert(rawRule) + if err == nil { + t.Fatalf("should have error") + } + + if !strings.Contains(err.Error(), "AccessControlAllowMethods can only contain one element when AccessControlAllowMethods is *") { + t.Fatalf("error is not expected, %v", err) + } +} + +func TestRuleConvertMaxAge(t *testing.T) { + maxAge := -2 + rawRule := CorsRuleRaw{ + Cond: "default_t()", + AccessControlAllowOrigins: []string{"*"}, + AccessControlMaxAge: &maxAge, + } + + _, err := ruleConvert(rawRule) + if err == nil { + t.Fatalf("should have error") + } + + if !strings.Contains(err.Error(), "AccessControlMaxAge must be in [-1, 86400]") { + t.Fatalf("error is not expected, %v", err) + } +} diff --git a/bfe_modules/mod_cors/cors_rule_table.go b/bfe_modules/mod_cors/cors_rule_table.go new file mode 100644 index 000000000..61d8b2874 --- /dev/null +++ b/bfe_modules/mod_cors/cors_rule_table.go @@ -0,0 +1,63 @@ +// Copyright (c) 2019 The BFE Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package mod_cors + +import ( + "sync" +) + +import ( + "github.com/bfenetworks/bfe/bfe_basic/condition" +) + +type CorsRuleTable struct { + lock sync.RWMutex + version string + productRule ProductRuleList // product => rule list +} + +type CorsRule struct { + Cond condition.Condition + AccessControlAllowOriginMap map[string]bool + AccessControlAllowCredentials bool + AccessControlExposeHeaders []string + AccessControlAllowHeaders []string + AccessControlAllowMethods []string + AccessControlMaxAge *int +} + +type ProductRuleList map[string]CorsRuleList // product => list of cors rule list +type CorsRuleList []CorsRule + +func NewCorsRuleTable() *CorsRuleTable { + t := new(CorsRuleTable) + t.productRule = make(ProductRuleList) + return t +} + +func (t *CorsRuleTable) Update(ruleConf *CorsRuleConf) { + t.lock.Lock() + t.version = ruleConf.Version + t.productRule = ruleConf.Config + t.lock.Unlock() +} + +func (t *CorsRuleTable) Search(product string) (CorsRuleList, bool) { + t.lock.RLock() + ruleList, ok := t.productRule[product] + t.lock.RUnlock() + + return ruleList, ok +} diff --git a/bfe_modules/mod_cors/mod_cors.go b/bfe_modules/mod_cors/mod_cors.go new file mode 100644 index 000000000..80f5eb81d --- /dev/null +++ b/bfe_modules/mod_cors/mod_cors.go @@ -0,0 +1,351 @@ +// Copyright (c) 2019 The BFE Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package mod_cors + +import ( + "fmt" + "net/http" + "net/url" + "path/filepath" + "strconv" + "strings" +) + +import ( + "github.com/baidu/go-lib/log" + "github.com/baidu/go-lib/web-monitor/metrics" + "github.com/baidu/go-lib/web-monitor/web_monitor" +) + +import ( + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" +) + +const ( + ModCors = "mod_cors" + HeaderAccessControlAllowOrigin = "Access-Control-Allow-Origin" + HeaderAccessControlAllowCredentials = "Access-Control-Allow-Credentials" + HeaderAccessControlAllowMethods = "Access-Control-Allow-Methods" + HeaderAccessControlAllowHeaders = "Access-Control-Allow-Headers" + HeaderAccessControlMaxAge = "Access-Control-Max-Age" + HeaderAccessControlExposeHeaders = "Access-Control-Expose-Headers" + HeaderAccessControlRequestMethod = "Access-Control-Request-Method" + HeaderOrigin = "Origin" + HeaderVary = "Vary" +) + +type ModuleCorsState struct { + ReqCorsRuleHit *metrics.Counter + ReqPreFlightHit *metrics.Counter + ReqAllowOriginHit *metrics.Counter + ReqNotAllowOriginHit *metrics.Counter +} + +var ( + openDebug = false +) + +type ModuleCors struct { + name string + conf *ConfModCors + ruleTable *CorsRuleTable + state ModuleCorsState + metrics metrics.Metrics +} + +func NewModuleCors() *ModuleCors { + m := new(ModuleCors) + m.name = ModCors + m.ruleTable = NewCorsRuleTable() + m.metrics.Init(&m.state, ModCors, 0) + return m +} + +func (m *ModuleCors) Name() string { + return m.name +} + +func (m *ModuleCors) loadRuleData(query url.Values) (string, error) { + // get file path + path := query.Get("path") + if path == "" { + // use default + path = m.conf.Basic.DataPath + } + + // load from config file + conf, err := CorsRuleFileLoad(path) + if err != nil { + return "", fmt.Errorf("%s: CorsRuleFileLoad(%s) error: %v", m.name, path, err) + } + + // update to rule table + m.ruleTable.Update(conf) + + _, fileName := filepath.Split(path) + return fmt.Sprintf("%s=%s", fileName, conf.Version), nil +} + +// Add `Origin` in the Vary response header, to indicate to clients that server responses will differ based on the value +// of the Origin request header +func addVaryHeader(rspHeader bfe_http.Header) { + varyValue := rspHeader.Get(HeaderVary) + if len(varyValue) == 0 { + rspHeader.Set(HeaderVary, HeaderOrigin) + return + } + + if varyValue == "*" { + return + } + + needAddOrigin := true + items := strings.Split(varyValue, ",") + for _, item := range items { + if strings.TrimSpace(item) == HeaderOrigin { + needAddOrigin = false + break + } + } + + if needAddOrigin { + varyValue += fmt.Sprintf(",%s", HeaderOrigin) + } +} + +// set response header for preflight request +func (m *ModuleCors) setRespHeaderForPreflght(request *bfe_basic.Request, rspHeader bfe_http.Header, rule *CorsRule) { + origin := request.HttpRequest.Header.Get(HeaderOrigin) + allow, matchedOrigin := matchOriginAllowed(origin, rule) + if !allow { + m.state.ReqNotAllowOriginHit.Inc(1) + return + } + m.state.ReqAllowOriginHit.Inc(1) + + rspHeader.Set(HeaderAccessControlAllowOrigin, matchedOrigin) + + if rule.AccessControlAllowCredentials { + rspHeader.Set(HeaderAccessControlAllowCredentials, "true") + } + + if len(rule.AccessControlAllowMethods) > 0 { + rspHeader.Set(HeaderAccessControlAllowMethods, strings.Join(rule.AccessControlAllowMethods, ",")) + } + + if len(rule.AccessControlAllowHeaders) > 0 { + rspHeader.Set(HeaderAccessControlAllowHeaders, strings.Join(rule.AccessControlAllowHeaders, ",")) + } + + if rule.AccessControlMaxAge != nil { + rspHeader.Set(HeaderAccessControlMaxAge, strconv.Itoa(*rule.AccessControlMaxAge)) + } + + addVaryHeader(rspHeader) +} + +// set response header for non-preflight request +func (m *ModuleCors) setRespHeaderForNonPreflight(request *bfe_basic.Request, rspHeader bfe_http.Header, rule *CorsRule) { + origin := request.HttpRequest.Header.Get(HeaderOrigin) + allow, matchedOrigin := matchOriginAllowed(origin, rule) + if !allow { + m.state.ReqNotAllowOriginHit.Inc(1) + return + } + m.state.ReqAllowOriginHit.Inc(1) + + rspHeader.Set(HeaderAccessControlAllowOrigin, matchedOrigin) + + if rule.AccessControlAllowCredentials { + rspHeader.Set(HeaderAccessControlAllowCredentials, "true") + } + + if len(rule.AccessControlExposeHeaders) > 0 { + rspHeader.Set(HeaderAccessControlExposeHeaders, strings.Join(rule.AccessControlExposeHeaders, ",")) + } + + addVaryHeader(rspHeader) +} + +func (m *ModuleCors) corsHandler(request *bfe_basic.Request, response *bfe_http.Response) int { + // cors request must carry header "origin" + if request.HttpRequest.Header.Get(HeaderOrigin) == "" { + return bfe_module.BfeHandlerGoOn + } + + // preflight request has processed by corsPreflightHandler, no need to deal it + if checkCorsPreflight(request) { + return bfe_module.BfeHandlerGoOn + } + + rules, ok := m.ruleTable.Search(request.Route.Product) + if !ok { + return bfe_module.BfeHandlerGoOn + } + + for index, rule := range rules { + if rule.Cond.Match(request) { + if openDebug { + log.Logger.Info("%s hit product[%s] cors rule[%d]", + request.HttpRequest.Host+request.HttpRequest.URL.RequestURI(), request.Route.Product, index) + } + + m.state.ReqCorsRuleHit.Inc(1) + + // set cors header for response + m.setRespHeaderForNonPreflight(request, response.Header, &rule) + break + } + } + + return bfe_module.BfeHandlerGoOn +} + +func checkCorsPreflight(request *bfe_basic.Request) bool { + if request.HttpRequest.Method != http.MethodOptions { + return false + } + + if request.HttpRequest.Header.Get(HeaderOrigin) == "" { + return false + } + + if _, ok := supportedMethod[request.HttpRequest.Header.Get(HeaderAccessControlRequestMethod)]; !ok { + return false + } + + return true +} + +func matchOriginAllowed(origin string, rule *CorsRule) (bool, string) { + if _, ok := rule.AccessControlAllowOriginMap["%origin"]; ok { + return true, origin + } + + if _, ok := rule.AccessControlAllowOriginMap["*"]; ok { + return true, "*" + } + + if _, ok := rule.AccessControlAllowOriginMap[origin]; ok { + return true, origin + } + + return false, "" +} + +func (m *ModuleCors) createCorsPreflightResponse(request *bfe_basic.Request, rule *CorsRule) *bfe_http.Response { + m.state.ReqPreFlightHit.Inc(1) + + resp := bfe_basic.CreateInternalResp(request, bfe_http.StatusNoContent) + + m.setRespHeaderForPreflght(request, resp.Header, rule) + + return resp +} + +func (m *ModuleCors) corsPreflightHandler(request *bfe_basic.Request) (int, *bfe_http.Response) { + if !checkCorsPreflight(request) { + return bfe_module.BfeHandlerGoOn, nil + } + + rules, ok := m.ruleTable.Search(request.Route.Product) + if !ok { + return bfe_module.BfeHandlerGoOn, nil + } + + for index, rule := range rules { + if rule.Cond.Match(request) { + if openDebug { + log.Logger.Info("%s hit product[%s] cors rule[%d]", + request.HttpRequest.Host+request.HttpRequest.URL.String(), request.Route.Product, index) + } + + m.state.ReqCorsRuleHit.Inc(1) + + resp := m.createCorsPreflightResponse(request, &rule) + + return bfe_module.BfeHandlerResponse, resp + } + } + + return bfe_module.BfeHandlerGoOn, nil +} + +func (m *ModuleCors) getState(params map[string][]string) ([]byte, error) { + s := m.metrics.GetAll() + return s.Format(params) +} + +func (m *ModuleCors) getStateDiff(params map[string][]string) ([]byte, error) { + s := m.metrics.GetDiff() + return s.Format(params) +} + +func (m *ModuleCors) monitorHandlers() map[string]interface{} { + handlers := map[string]interface{}{ + m.name: m.getState, + m.name + ".diff": m.getStateDiff, + } + return handlers +} + +func (m *ModuleCors) reloadHandlers() map[string]interface{} { + handlers := map[string]interface{}{ + m.name: m.loadRuleData, + } + return handlers +} + +func (m *ModuleCors) Init(cbs *bfe_module.BfeCallbacks, whs *web_monitor.WebHandlers, cr string) error { + var err error + var conf *ConfModCors + + confPath := bfe_module.ModConfPath(cr, m.name) + if conf, err = ConfLoad(confPath, cr); err != nil { + return fmt.Errorf("%s: conf load err %s", m.name, err.Error()) + } + + m.conf = conf + openDebug = conf.Log.OpenDebug + + _, err = m.loadRuleData(nil) + if err != nil { + return err + } + + err = cbs.AddFilter(bfe_module.HandleFoundProduct, m.corsPreflightHandler) + if err != nil { + return fmt.Errorf("%s.Init(): AddFilter(m.corsPreflightHandler): %v", m.name, err) + } + + err = cbs.AddFilter(bfe_module.HandleReadResponse, m.corsHandler) + if err != nil { + return fmt.Errorf("%s.Init(): AddFilter(m.corsHandler): %v", m.name, err) + } + + err = web_monitor.RegisterHandlers(whs, web_monitor.WebHandleMonitor, m.monitorHandlers()) + if err != nil { + return fmt.Errorf("%s.Init():RegisterHandlers(m.reloadHandlers): %v", m.name, err) + } + + err = web_monitor.RegisterHandlers(whs, web_monitor.WebHandleReload, m.reloadHandlers()) + if err != nil { + return fmt.Errorf("%s.Init():RegisterHandlers(m.reloadHandlers): %v", m.name, err) + } + + return nil +} diff --git a/bfe_modules/mod_cors/mod_cors_test.go b/bfe_modules/mod_cors/mod_cors_test.go new file mode 100644 index 000000000..9ddcdcdf9 --- /dev/null +++ b/bfe_modules/mod_cors/mod_cors_test.go @@ -0,0 +1,177 @@ +// Copyright (c) 2019 The BFE Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package mod_cors + +import ( + "net/http" + "net/url" + "testing" +) + +import ( + "github.com/baidu/go-lib/web-monitor/web_monitor" +) + +import ( + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" +) + +const ( + expectProduct = "example_product" +) + +func TestLoadRuleData(t *testing.T) { + m := NewModuleCors() + + query := url.Values{ + "path": []string{"testdata/mod_cors/cors_rule.data"}, + } + + expectModVersion := "cors_rule.data=20200508210000" + modVersion, err := m.loadRuleData(query) + if err != nil { + t.Fatalf("should have no error, but error is %v", err) + } + + if modVersion != expectModVersion { + t.Fatalf("version shoule be %s, but it's %s", expectModVersion, modVersion) + } + + expectVersion := "20200508210000" + if m.ruleTable.version != expectVersion { + t.Fatalf("version shoule be %s, but it's %s", expectVersion, m.ruleTable.version) + } + + ruleList, ok := m.ruleTable.productRule[expectProduct] + if !ok { + t.Fatalf("config should have product: %s", expectProduct) + } + + if len(ruleList) != 1 { + t.Fatalf("len(ruleList) should be 1, but it's %d", len(ruleList)) + } +} + +func TestCorsHandlerCase1(t *testing.T) { + m := NewModuleCors() + cb := bfe_module.NewBfeCallbacks() + wh := web_monitor.NewWebHandlers() + err := m.Init(cb, wh, "./testdata") + if err != nil { + t.Fatalf("Init() error: %v", err) + } + + // prepare request + req := new(bfe_basic.Request) + req.Session = new(bfe_basic.Session) + req.Route.Product = expectProduct + req.HttpRequest, err = bfe_http.NewRequest(http.MethodGet, "http://example.org", nil) + if err != nil { + t.Fatalf("bfe_http.NewRequest error: %v", err) + } + req.HttpRequest.Header = make(bfe_http.Header) + req.HttpRequest.Header.Set(HeaderOrigin, "http://hello-world.example") + + // prepare respnose + resp := bfe_basic.CreateInternalResp(req, bfe_http.StatusOK) + + m.corsHandler(req, resp) + + origin := resp.Header.Get(HeaderAccessControlAllowOrigin) + if origin != "*" { + t.Fatalf("response header %s is not expected, it's %s", HeaderAccessControlAllowOrigin, origin) + } +} + +func TestCheckCorsPreflight(t *testing.T) { + req := new(bfe_basic.Request) + req.HttpRequest, _ = bfe_http.NewRequest(http.MethodOptions, "http://example.org", nil) + if checkCorsPreflight(req) { + t.Fatalf("checkCorsPreflight should return false") + } + + req.HttpRequest.Header = make(bfe_http.Header) + req.HttpRequest.Header.Set(HeaderOrigin, "http://hello-world.example") + if checkCorsPreflight(req) { + t.Fatalf("checkCorsPreflight should return false") + } + + req.HttpRequest.Header.Set(HeaderAccessControlRequestMethod, http.MethodPut) + if !checkCorsPreflight(req) { + t.Fatalf("checkCorsPreflight should return true") + } +} + +func TestSetRespCorsHeader(t *testing.T) { + allowedOrigin := "http://hello-world.example" + exposeHeader := "X-Bfe-Test" + + m := NewModuleCors() + + req := new(bfe_basic.Request) + req.HttpRequest, _ = bfe_http.NewRequest(http.MethodGet, "http://example.org", nil) + req.HttpRequest.Header.Set(HeaderOrigin, allowedOrigin) + rspHeader := make(bfe_http.Header) + + maxAge := 10 + rule := CorsRule{ + AccessControlAllowOriginMap: map[string]bool{allowedOrigin: true}, + AccessControlAllowCredentials: true, + AccessControlExposeHeaders: []string{exposeHeader}, + AccessControlAllowMethods: []string{http.MethodPut}, + AccessControlAllowHeaders: []string{exposeHeader}, + AccessControlMaxAge: &maxAge, + } + + // preflight is false + m.setRespHeaderForNonPreflight(req, rspHeader, &rule) + + if rspHeader.Get(HeaderAccessControlAllowOrigin) != allowedOrigin { + t.Fatalf("response header %s is not expected", HeaderAccessControlAllowOrigin) + } + + if rspHeader.Get(HeaderAccessControlAllowCredentials) != "true" { + t.Fatalf("response header %s is not expected", HeaderAccessControlAllowCredentials) + } + + if rspHeader.Get(HeaderAccessControlExposeHeaders) != exposeHeader { + t.Fatalf("response header %s is not expected", HeaderAccessControlExposeHeaders) + } + + if rspHeader.Get(HeaderVary) != HeaderOrigin { + t.Fatalf("response header %s is not expected", HeaderVary) + } + + if len(rspHeader.Get(HeaderAccessControlAllowMethods)) != 0 { + t.Fatalf("response header %s is not expected", HeaderAccessControlAllowMethods) + } + + if len(rspHeader.Get(HeaderAccessControlMaxAge)) != 0 { + t.Fatalf("response header %s is not expected", HeaderAccessControlMaxAge) + } + + // preflight is ture + m.setRespHeaderForPreflght(req, rspHeader, &rule) + + if rspHeader.Get(HeaderAccessControlAllowMethods) != http.MethodPut { + t.Fatalf("response header %s is not expected", HeaderAccessControlAllowMethods) + } + + if rspHeader.Get(HeaderAccessControlMaxAge) != "10" { + t.Fatalf("response header %s is not expected", HeaderAccessControlMaxAge) + } +} diff --git a/bfe_modules/mod_cors/testdata/mod_cors/cors_rule.data b/bfe_modules/mod_cors/testdata/mod_cors/cors_rule.data new file mode 100644 index 000000000..aa13b6d97 --- /dev/null +++ b/bfe_modules/mod_cors/testdata/mod_cors/cors_rule.data @@ -0,0 +1,16 @@ +{ + "Version": "20200508210000", + "Config": { + "example_product": [ + { + "Cond": "req_host_in(\"example.org\")", + "AccessControlAllowOrigins": ["*"], + "AccessControlAllowCredentials": false, + "AccessControlAllowHeaders": [], + "AccessControlAllowMethods": [], + "AccessControlExposeHeaders": [], + "AccessControlMaxAge": 0 + } + ] + } +} \ No newline at end of file diff --git a/bfe_modules/mod_cors/testdata/mod_cors/cors_rule_no_config.data b/bfe_modules/mod_cors/testdata/mod_cors/cors_rule_no_config.data new file mode 100644 index 000000000..cc706b58a --- /dev/null +++ b/bfe_modules/mod_cors/testdata/mod_cors/cors_rule_no_config.data @@ -0,0 +1,3 @@ +{ + "Version": "20200508210000" +} \ No newline at end of file diff --git a/bfe_modules/mod_cors/testdata/mod_cors/cors_rule_no_version.data b/bfe_modules/mod_cors/testdata/mod_cors/cors_rule_no_version.data new file mode 100644 index 000000000..da695e569 --- /dev/null +++ b/bfe_modules/mod_cors/testdata/mod_cors/cors_rule_no_version.data @@ -0,0 +1,15 @@ +{ + "Config": { + "example_product": [ + { + "Cond": "req_host_in(\"example.org\")", + "AccessControlAllowOrigins": ["*"], + "AccessControlAllowCredentials": false, + "AccessControlAllowHeaders": [], + "AccessControlAllowMethods": [], + "AccessControlExposeHeaders": [], + "AccessControlMaxAge": 0 + } + ] + } +} \ No newline at end of file diff --git a/bfe_modules/mod_cors/testdata/mod_cors/mod_cors.conf b/bfe_modules/mod_cors/testdata/mod_cors/mod_cors.conf new file mode 100644 index 000000000..1a960617e --- /dev/null +++ b/bfe_modules/mod_cors/testdata/mod_cors/mod_cors.conf @@ -0,0 +1,5 @@ +[Basic] +DataPath = mod_cors/cors_rule.data + +[Log] +OpenDebug = false \ No newline at end of file diff --git a/bfe_modules/mod_doh/conf_mod_doh.go b/bfe_modules/mod_doh/conf_mod_doh.go index b49e996b6..e6d64d64d 100644 --- a/bfe_modules/mod_doh/conf_mod_doh.go +++ b/bfe_modules/mod_doh/conf_mod_doh.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -24,7 +24,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic/condition" + "github.com/bfenetworks/bfe/bfe_basic/condition" ) type DnsConf struct { diff --git a/bfe_modules/mod_doh/conf_mod_doh_test.go b/bfe_modules/mod_doh/conf_mod_doh_test.go index 1728dfeb5..79bb6b555 100644 --- a/bfe_modules/mod_doh/conf_mod_doh_test.go +++ b/bfe_modules/mod_doh/conf_mod_doh_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_doh/dns_fetcher.go b/bfe_modules/mod_doh/dns_fetcher.go index f55731b6e..bc718c50e 100644 --- a/bfe_modules/mod_doh/dns_fetcher.go +++ b/bfe_modules/mod_doh/dns_fetcher.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -24,8 +24,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" ) type DnsFetcher interface { diff --git a/bfe_modules/mod_doh/dns_msg_convert.go b/bfe_modules/mod_doh/dns_msg_convert.go index 44cd0dd06..4b3d2ce34 100644 --- a/bfe_modules/mod_doh/dns_msg_convert.go +++ b/bfe_modules/mod_doh/dns_msg_convert.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -28,8 +28,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" ) const DnsMessage = "application/dns-message" diff --git a/bfe_modules/mod_doh/dns_msg_convert_test.go b/bfe_modules/mod_doh/dns_msg_convert_test.go index e0a5bbfed..5af0f0f9f 100644 --- a/bfe_modules/mod_doh/dns_msg_convert_test.go +++ b/bfe_modules/mod_doh/dns_msg_convert_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -27,9 +27,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_util/net_util" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_util/net_util" ) func buildPostRequest(data []byte, t *testing.T) *bfe_http.Request { diff --git a/bfe_modules/mod_doh/mod_doh.go b/bfe_modules/mod_doh/mod_doh.go index 1de80f9db..e4accc078 100644 --- a/bfe_modules/mod_doh/mod_doh.go +++ b/bfe_modules/mod_doh/mod_doh.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -24,10 +24,10 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_basic/condition" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_basic/condition" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" ) const ( diff --git a/bfe_modules/mod_doh/mod_doh_test.go b/bfe_modules/mod_doh/mod_doh_test.go index ff42999ab..8f5579f2a 100644 --- a/bfe_modules/mod_doh/mod_doh_test.go +++ b/bfe_modules/mod_doh/mod_doh_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -23,9 +23,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" ) type TestDnsFetcher struct{} diff --git a/bfe_modules/mod_errors/action.go b/bfe_modules/mod_errors/action.go index f248b5a16..f1efdf798 100644 --- a/bfe_modules/mod_errors/action.go +++ b/bfe_modules/mod_errors/action.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -24,9 +24,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_util" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_util" ) const ( diff --git a/bfe_modules/mod_errors/action_test.go b/bfe_modules/mod_errors/action_test.go index e633958ac..c996983e0 100644 --- a/bfe_modules/mod_errors/action_test.go +++ b/bfe_modules/mod_errors/action_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,8 +19,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" ) func prepareAction() *Action { diff --git a/bfe_modules/mod_errors/conf_mod_errors.go b/bfe_modules/mod_errors/conf_mod_errors.go index 53d61f9cb..ca9322920 100644 --- a/bfe_modules/mod_errors/conf_mod_errors.go +++ b/bfe_modules/mod_errors/conf_mod_errors.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ package mod_errors import ( - "github.com/baidu/bfe/bfe_util" + "github.com/bfenetworks/bfe/bfe_util" "github.com/baidu/go-lib/log" gcfg "gopkg.in/gcfg.v1" ) diff --git a/bfe_modules/mod_errors/errors_rule_load.go b/bfe_modules/mod_errors/errors_rule_load.go index 2a0036d2f..fe04fb6c2 100644 --- a/bfe_modules/mod_errors/errors_rule_load.go +++ b/bfe_modules/mod_errors/errors_rule_load.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -22,7 +22,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic/condition" + "github.com/bfenetworks/bfe/bfe_basic/condition" ) type ErrorsRuleFile struct { diff --git a/bfe_modules/mod_errors/errors_rule_table.go b/bfe_modules/mod_errors/errors_rule_table.go index 8f74e8ab9..967601653 100644 --- a/bfe_modules/mod_errors/errors_rule_table.go +++ b/bfe_modules/mod_errors/errors_rule_table.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_errors/mod_errors.go b/bfe_modules/mod_errors/mod_errors.go index 0cee62950..023352f93 100644 --- a/bfe_modules/mod_errors/mod_errors.go +++ b/bfe_modules/mod_errors/mod_errors.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -25,9 +25,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" ) var ( diff --git a/bfe_modules/mod_geo/conf_mod_geo.go b/bfe_modules/mod_geo/conf_mod_geo.go index 4ba54d85c..a5a55f9bc 100644 --- a/bfe_modules/mod_geo/conf_mod_geo.go +++ b/bfe_modules/mod_geo/conf_mod_geo.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_util" + "github.com/bfenetworks/bfe/bfe_util" ) type ConfModGeo struct { diff --git a/bfe_modules/mod_geo/conf_mod_geo_test.go b/bfe_modules/mod_geo/conf_mod_geo_test.go index 58121ae9d..21e45fe90 100644 --- a/bfe_modules/mod_geo/conf_mod_geo_test.go +++ b/bfe_modules/mod_geo/conf_mod_geo_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_geo/mod_geo.go b/bfe_modules/mod_geo/mod_geo.go index 6fc290612..0d9fa4ae6 100644 --- a/bfe_modules/mod_geo/mod_geo.go +++ b/bfe_modules/mod_geo/mod_geo.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -31,9 +31,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" ) const ( @@ -164,7 +164,7 @@ func (m *ModuleGeo) setGeoInfoToReqContext(req *bfe_basic.Request, cityInfo *geo if openDebug { log.Logger.Debug("%s: the geolocation information: conturyIsoCode(%s), subdivisionIsoCode(%s),"+ - "cityName(%s), longitude(%d) and latitude(%d)", + "cityName(%s), longitude(%s) and latitude(%s)", m.name, conturyIsoCode, subdivisionIsoCode, cityName, latitude, longitude) } } diff --git a/bfe_modules/mod_geo/mod_geo_test.go b/bfe_modules/mod_geo/mod_geo_test.go index c4220a121..79b82c57f 100644 --- a/bfe_modules/mod_geo/mod_geo_test.go +++ b/bfe_modules/mod_geo/mod_geo_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -25,8 +25,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_module" ) func initModGeo() (*ModuleGeo, error) { diff --git a/bfe_modules/mod_header/action.go b/bfe_modules/mod_header/action.go index bd4008839..f0d0a55f4 100644 --- a/bfe_modules/mod_header/action.go +++ b/bfe_modules/mod_header/action.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -24,9 +24,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_net/textproto" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_net/textproto" ) type ActionFile struct { diff --git a/bfe_modules/mod_header/action_cookie.go b/bfe_modules/mod_header/action_cookie.go index 414d7a01d..bfef0600e 100644 --- a/bfe_modules/mod_header/action_cookie.go +++ b/bfe_modules/mod_header/action_cookie.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -21,8 +21,8 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" ) const ( diff --git a/bfe_modules/mod_header/action_header.go b/bfe_modules/mod_header/action_header.go index 31dfe92a4..cabe273f7 100644 --- a/bfe_modules/mod_header/action_header.go +++ b/bfe_modules/mod_header/action_header.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ package mod_header import ( - "github.com/baidu/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_http" ) // insert or modify existing header diff --git a/bfe_modules/mod_header/action_header_var.go b/bfe_modules/mod_header/action_header_var.go index d614c6a89..7b96f2075 100644 --- a/bfe_modules/mod_header/action_header_var.go +++ b/bfe_modules/mod_header/action_header_var.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -25,10 +25,10 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_modules/mod_geo" - "github.com/baidu/bfe/bfe_tls" - "github.com/baidu/bfe/bfe_util" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_modules/mod_geo" + "github.com/bfenetworks/bfe/bfe_tls" + "github.com/bfenetworks/bfe/bfe_util" ) type HeaderValueHandler func(req *bfe_basic.Request) string diff --git a/bfe_modules/mod_header/action_test.go b/bfe_modules/mod_header/action_test.go index 44e05a358..8018e8fc4 100644 --- a/bfe_modules/mod_header/action_test.go +++ b/bfe_modules/mod_header/action_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -21,9 +21,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_net/textproto" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_net/textproto" ) // fake tcp Connection diff --git a/bfe_modules/mod_header/conf_mod_header.go b/bfe_modules/mod_header/conf_mod_header.go index 41c61c717..bd083e9f1 100644 --- a/bfe_modules/mod_header/conf_mod_header.go +++ b/bfe_modules/mod_header/conf_mod_header.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_util" + "github.com/bfenetworks/bfe/bfe_util" ) type ConfModHeader struct { diff --git a/bfe_modules/mod_header/conf_mod_header_test.go b/bfe_modules/mod_header/conf_mod_header_test.go index fb11745c0..a5beae39e 100644 --- a/bfe_modules/mod_header/conf_mod_header_test.go +++ b/bfe_modules/mod_header/conf_mod_header_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_header/default_header.go b/bfe_modules/mod_header/default_header.go index 29777ba0b..eec31a6dc 100644 --- a/bfe_modules/mod_header/default_header.go +++ b/bfe_modules/mod_header/default_header.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_basic" ) func modHeaderForwardedAddr(req *bfe_basic.Request) { diff --git a/bfe_modules/mod_header/header_rule_load.go b/bfe_modules/mod_header/header_rule_load.go index 8fb3449cc..d005a0381 100644 --- a/bfe_modules/mod_header/header_rule_load.go +++ b/bfe_modules/mod_header/header_rule_load.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -23,7 +23,7 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic/condition" + "github.com/bfenetworks/bfe/bfe_basic/condition" ) type HeaderRuleFile struct { diff --git a/bfe_modules/mod_header/header_rule_load_test.go b/bfe_modules/mod_header/header_rule_load_test.go index 1027fc4c1..858eac5f9 100644 --- a/bfe_modules/mod_header/header_rule_load_test.go +++ b/bfe_modules/mod_header/header_rule_load_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_header/header_table.go b/bfe_modules/mod_header/header_table.go index 0c879f88c..3daa4e1c5 100644 --- a/bfe_modules/mod_header/header_table.go +++ b/bfe_modules/mod_header/header_table.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/bfe_modules/mod_header/mod_header.go b/bfe_modules/mod_header/mod_header.go index 882ad7c68..c70bd93bb 100644 --- a/bfe_modules/mod_header/mod_header.go +++ b/bfe_modules/mod_header/mod_header.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -26,9 +26,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" ) const ( @@ -117,7 +117,7 @@ func (m *ModuleHeader) applyProductRule(request *bfe_basic.Request, headerType i func (m *ModuleHeader) setDefaultHeader(request *bfe_basic.Request) { if openDebug { - log.Logger.Debug("setDefaultHeader():src ip=%s, isTrustIP=%s", + log.Logger.Debug("setDefaultHeader():src ip=%s, isTrustIP=%t", request.RemoteAddr.String(), request.Session.IsTrustIP) } diff --git a/bfe_modules/mod_header/mod_header_test.go b/bfe_modules/mod_header/mod_header_test.go index 5c5a8b766..afdcb7e8d 100644 --- a/bfe_modules/mod_header/mod_header_test.go +++ b/bfe_modules/mod_header/mod_header_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -23,9 +23,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" ) func TestGetModuleName(t *testing.T) { diff --git a/bfe_modules/mod_http_code/mod_http_code.go b/bfe_modules/mod_http_code/mod_http_code.go index cee5d98b4..e7534f9ca 100644 --- a/bfe_modules/mod_http_code/mod_http_code.go +++ b/bfe_modules/mod_http_code/mod_http_code.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -25,9 +25,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" ) const ( diff --git a/bfe_modules/mod_http_code/mod_http_code_test.go b/bfe_modules/mod_http_code/mod_http_code_test.go index 718c2024f..833d6a06a 100644 --- a/bfe_modules/mod_http_code/mod_http_code_test.go +++ b/bfe_modules/mod_http_code/mod_http_code_test.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -23,9 +23,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_http" - "github.com/baidu/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_http" + "github.com/bfenetworks/bfe/bfe_module" ) func TestRequestFinish(t *testing.T) { diff --git a/bfe_modules/mod_key_log/conf_mod_key_log.go b/bfe_modules/mod_key_log/conf_mod_key_log.go index 61a38a958..4a117e1bf 100644 --- a/bfe_modules/mod_key_log/conf_mod_key_log.go +++ b/bfe_modules/mod_key_log/conf_mod_key_log.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -24,11 +24,14 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_util" + "github.com/bfenetworks/bfe/bfe_util" ) // ConfModKeyLog represents the basic config for mod_key_log. type ConfModKeyLog struct { + Basic struct { + DataPath string // path of config data (key_log) + } Log struct { LogPrefix string // log file prefix LogDir string // log file dir diff --git a/bfe_modules/mod_key_log/key_log_conf_load.go b/bfe_modules/mod_key_log/key_log_conf_load.go new file mode 100644 index 000000000..716cdeaba --- /dev/null +++ b/bfe_modules/mod_key_log/key_log_conf_load.go @@ -0,0 +1,173 @@ +// Copyright (c) 2019 The BFE Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package mod_key_log + +import ( + "encoding/json" + "errors" + "fmt" + "os" +) + +import ( + "github.com/bfenetworks/bfe/bfe_basic/condition" +) + +type KeyLogRuleFile struct { + Cond *string // condition for key_log +} + +type KeyLogRule struct { + Cond condition.Condition // condition for key_log +} + +type RuleFileList []KeyLogRuleFile +type RuleList []KeyLogRule + +type ProductRulesFile map[string]*RuleFileList // product => list of key_log rules +type ProductRules map[string]*RuleList // product => list of key_log rules + +type KeyLogConfFile struct { + Version *string // version of the config + Config *ProductRulesFile +} + +type keyLogConf struct { + Version string // version of the config + Config ProductRules // product rules for key_log +} + +func keyLogRuleCheck(conf KeyLogRuleFile) error { + // check Cond + if conf.Cond == nil { + return errors.New("no Cond") + } + + return nil +} + +func RuleListCheck(conf *RuleFileList) error { + for index, rule := range *conf { + err := keyLogRuleCheck(rule) + if err != nil { + return fmt.Errorf("keyLogRule:%d, %s", index, err.Error()) + } + } + + return nil +} + +func ProductRulesCheck(conf *ProductRulesFile) error { + for product, ruleList := range *conf { + if ruleList == nil { + return fmt.Errorf("no RuleList for product:%s", product) + } + + err := RuleListCheck(ruleList) + if err != nil { + return fmt.Errorf("ProductRules:%s, %s", product, err.Error()) + } + } + + return nil +} + +func KeyLogConfCheck(conf KeyLogConfFile) error { + var err error + + // check Version + if conf.Version == nil { + return errors.New("no Version") + } + + // check Config + if conf.Config == nil { + return errors.New("no Config") + } + + err = ProductRulesCheck(conf.Config) + if err != nil { + return fmt.Errorf("Config:%s", err.Error()) + } + + return nil +} + +func ruleConvert(ruleFile KeyLogRuleFile) (KeyLogRule, error) { + rule := KeyLogRule{} + + cond, err := condition.Build(*ruleFile.Cond) + if err != nil { + return rule, err + } + rule.Cond = cond + + return rule, nil +} + +func ruleListConvert(ruleFileList *RuleFileList) (*RuleList, error) { + ruleList := new(RuleList) + *ruleList = make([]KeyLogRule, 0) + + for _, ruleFile := range *ruleFileList { + rule, err := ruleConvert(ruleFile) + if err != nil { + return ruleList, err + } + *ruleList = append(*ruleList, rule) + } + + return ruleList, nil +} + +// keyLogConfLoad loads config of key_log from file. +func keyLogConfLoad(filename string) (keyLogConf, error) { + var conf keyLogConf + var err error + + // open the file + file, err1 := os.Open(filename) + if err1 != nil { + return conf, err1 + } + defer file.Close() + + // decode the file + decoder := json.NewDecoder(file) + var config KeyLogConfFile + err = decoder.Decode(&config) + if err != nil { + return conf, err + } + + // check config + err = KeyLogConfCheck(config) + if err != nil { + return conf, err + } + + // convert config + conf.Version = *config.Version + conf.Config = make(ProductRules) + for product, ruleFileList := range *config.Config { + ruleList, err := ruleListConvert(ruleFileList) + if err != nil { + return conf, err + } + conf.Config[product] = ruleList + } + + return conf, nil +} diff --git a/bfe_modules/mod_key_log/key_log_conf_load_test.go b/bfe_modules/mod_key_log/key_log_conf_load_test.go new file mode 100644 index 000000000..b9a96b297 --- /dev/null +++ b/bfe_modules/mod_key_log/key_log_conf_load_test.go @@ -0,0 +1,40 @@ +// Copyright (c) 2019 The BFE Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package mod_key_log + +import ( + "testing" +) + +func TestKeyLogConfLoad_Normal(t *testing.T) { + config, err := keyLogConfLoad("./testdata/key_log_1.conf") + if err != nil { + t.Errorf("get err from keyLogConfLoad():%s", err.Error()) + return + } + + if len(*config.Config["pn"]) != 1 { + t.Errorf("len(config.Config['pn']) should be 2") + return + } +} + +func TestKeyLogConfLoad_ProductIsNull(t *testing.T) { + _, err := keyLogConfLoad("./testdata/key_log_2.conf") + if err == nil { + t.Error("err should not be nil") + return + } +} diff --git a/bfe_modules/mod_key_log/key_log_table.go b/bfe_modules/mod_key_log/key_log_table.go new file mode 100644 index 000000000..e46205208 --- /dev/null +++ b/bfe_modules/mod_key_log/key_log_table.go @@ -0,0 +1,49 @@ +// Copyright (c) 2019 The BFE Authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package mod_key_log + +import ( + "sync" +) + +type KeyLogTable struct { + lock sync.RWMutex + version string + productRules ProductRules +} + +func NewKeyLogTable() *KeyLogTable { + t := new(KeyLogTable) + t.productRules = make(ProductRules) + return t +} + +func (t *KeyLogTable) Update(conf keyLogConf) { + t.lock.Lock() + + t.version = conf.Version + t.productRules = conf.Config + + t.lock.Unlock() +} + +func (t *KeyLogTable) Search(product string) (*RuleList, bool) { + t.lock.RLock() + productRules := t.productRules + t.lock.RUnlock() + + rules, ok := productRules[product] + return rules, ok +} diff --git a/bfe_modules/mod_key_log/mod_key_log.go b/bfe_modules/mod_key_log/mod_key_log.go index 0459ff153..72754bc7e 100644 --- a/bfe_modules/mod_key_log/mod_key_log.go +++ b/bfe_modules/mod_key_log/mod_key_log.go @@ -1,4 +1,4 @@ -// Copyright (c) 2019 Baidu, Inc. +// Copyright (c) 2019 The BFE Authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,6 +17,8 @@ package mod_key_log import ( "encoding/hex" "fmt" + "net/url" + "path/filepath" ) import ( @@ -25,9 +27,9 @@ import ( ) import ( - "github.com/baidu/bfe/bfe_basic" - "github.com/baidu/bfe/bfe_module" - "github.com/baidu/bfe/bfe_util/access_log" + "github.com/bfenetworks/bfe/bfe_basic" + "github.com/bfenetworks/bfe/bfe_module" + "github.com/bfenetworks/bfe/bfe_util/access_log" ) // ModuleKeyLog writes key logs in NSS key log format so that external @@ -39,6 +41,10 @@ type ModuleKeyLog struct { name string // module name conf *ConfModKeyLog // module config logger log4go.Logger // key logger + + dataConfigPath string // path of data config file + ruleTable *KeyLogTable // table of key_log rules + } func NewModuleKeyLog() *ModuleKeyLog { @@ -52,18 +58,43 @@ func (m *ModuleKeyLog) Name() string { } func (m *ModuleKeyLog) logTlsKey(session *bfe_basic.Session) int { - tlsState := session.TlsState - if tlsState == nil { - return bfe_module.BfeHandlerGoOn + if m.isNeedKeyLog(session) { + tlsState := session.TlsState + if tlsState == nil { + return bfe_module.BfeHandlerGoOn + } + // key log format: